On 08/07/2020 17:21, Viktor Dukhovni wrote:
> On Wed, Jul 08, 2020 at 04:36:55PM +0100, Matt Caswell wrote:
>
>> On 08/07/2020 16:28, Viktor Dukhovni wrote:
>>>> How could I set a system default "MinProtocol" for DTLS and TLS to 1.2?
>>>
>>> AFAIK, that's not presently possible. You can specify application
>>> profiles, for applications that specify an application name when
>>> initializing OpenSSL. Or use the OPENSSL_CONF environment variable to
>>> select an alternative configuration file for DTLS applications.
>>
>> Arguably, that is a bug. You *should* be able to do that - perhaps based
>> on some sensible mapping between TLS protocol versions based on whether
>> we have a DTLS or TLS based SSL_METHOD.
>
> I agree that the situation with MinProtocol in openssl.cnf is
> unfortunate. But instead of mappings, I would propose a different
> solution:
>
> * Restrict MinProtocol/MaxProtocol to just TLS protocols,
>   i.e. SSL_CTX objects with a TLS-based method.
>
> * Introduce new controls: DTLSMinProtocol, DTLSMaxProtocol,
>   that are similarly restricted to SSL_CTX objects with a DTLS-based
>   method.
>
> * Since SSL_CTX_new() takes a required method argument, we are
>   never in doubt as to which pair of controls to apply to a given
>   context.
>
> Thoughts?

Yes - that could work. Although it begs the question - would it change
the way SSL_CTX_set_min_proto_version() works? (I assume that currently
works just fine as is)

Another question that this throws up is how much of that solution we
would backport to 1.1.1, since DTLS(Min|Max)Protocol would be a new
feature. Should we backport it anyway with the justification that it is
a "fix"? Or do we just backport the bit that means it doesn't get
applied to DTLS?

Matt
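The workaround Viktor describes (a per-application profile in openssl.cnf, selected by the application name passed at initialisation, or a separate file selected through OPENSSL_CONF) looks like the following. This is an added illustration, not configuration from the thread or from the OpenSSL project; the application name "dtlsapp" and the section names are made up for the example. The top-level key that OpenSSL looks up in the unnamed default section is "openssl_conf" unless the application sets its own name with OPENSSL_INIT_set_config_appname() in OPENSSL_init_ssl(), in which case that name is looked up instead, so a DTLS application can get its own system_default section while every other process keeps the TLS 1.2 floor.

```ini
# Constructed example openssl.cnf: TLS 1.2 floor for everything that
# initialises with the default application name ...
openssl_conf = default_init

# ... and a separate profile for a process that calls
# OPENSSL_INIT_set_config_appname("dtlsapp") before OPENSSL_init_ssl().
# "dtlsapp" is an assumed name for this example.
dtlsapp = dtlsapp_init

[default_init]
ssl_conf = default_ssl

[default_ssl]
system_default = default_ssl_defaults

[default_ssl_defaults]
# Applied to every SSL_CTX created with a TLS-based method.
# On a DTLS-based SSL_CTX this bound is rejected, which is the
# problem the thread is discussing.
MinProtocol = TLSv1.2

[dtlsapp_init]
ssl_conf = dtlsapp_ssl

[dtlsapp_ssl]
system_default = dtlsapp_ssl_defaults

[dtlsapp_ssl_defaults]
# DTLS version names are accepted by the same SSL_CONF command,
# so the DTLS application gets a matching floor.
MinProtocol = DTLSv1.2
```

If the DTLS application cannot be changed to set an application name, the other option from the thread is to copy the file, replace the system_default MinProtocol with DTLSv1.2, and point that process at the copy with the OPENSSL_CONF environment variable; the cost is that the two files then have to be kept in step by hand, which is why a proper DTLSMinProtocol/DTLSMaxProtocol pair is being proposed.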