On 2020-09-10 09:03, Tomas Mraz wrote:
On Wed, 2020-09-09 at 22:26 +0200, Jakob Bohm via openssl-users wrote:
Wouldn't a more reasonable response for 1.0.2 users have been to
force on
SSL_OP_SINGLE_DH_USE rather than recklessly deprecating affected
cipher
suites
and telling affected people to recompile with the fix off?
You seem to be mixing two different affected things. One is the static
DH ciphersuites. There is no remediation for these except for not using
them. Fortunately they are not really used by anyone. This can be
achieved on the server side by simply not providing the DH certificate.
On the client side they can be dropped from the ciphers string. This is
the "deprecating affected cipher suites" change part.
On the other hand the reuse of DH key for ephemeral DH can be only
disabled by setting SSL_OP_SINGLE_DH_USE by the calling server application. This is the part relevant for wider audience.
So yes, both issues can be remediated by application calling the
OpenSSL library. On the other hand it is not always possible to change
the application so we also provide fix to premium support customers in
terms of changing the openssl code.
The advisory didn't include this clarification, and didn't state if
1.0.2w fixes the DHE case by doing what 1.1.x does and act like
SSL_OP_SINGLE_DH_USE is always set.
Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
