[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#733255: marked as done (ssl-cert: start creating SHA2-based certificates)

Your message dated Thu, 29 May 2014 15:38:03 +0000
with message-id <E1Wq2P5-0001xh-7F@franck.debian.org>
and subject line Bug#733255: fixed in ssl-cert 1.0.34
has caused the Debian Bug report #733255,
regarding ssl-cert: start creating SHA2-based certificates
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
733255: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=733255
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: ssl-cert
Version: 1.0.32
Severity: normal

Dear Maintainer,

Currently running "make-ssl-cert" creates self-signed (snake oil) certificates which use the Signature Algorithm "sha1WithRSAEncryption". This has been fine for the last few years, but there are some recently changes that warrant using SHA2-based algorithms in the future.

The first is that NIST SP800-57 rev 3 (July 2012) dictates that algorithms that have a "Security-strength" of less than 112 bits (see Table 4) are Disallowed from 2014 ownards:

http://csrc.nist.gov/publications/nistpubs/800-57/sp800-57_part1_rev3_general.pdf

SHA1 falls with-in this scenario, as it is considered to have only 80 bits of security.

If Debian is to be used in institutions that follow NIST standards, it needs to follow this regulation, and not use SHA1.

The second item is that Mircosoft has published a depreciation policy for the use of SHA1 in SSL and code signing certificates, disallowing their used starting in 2016:

http://blogs.technet.com/b/pki/archive/2013/11/12/sha1-deprecation-policy.aspx

While 2016 appears to be a long way off, given the time periods between Debian releases (and some derivative distributions), I ask that the "make-ssl-cert" script be updated as follows:

--- /usr/sbin/make-ssl-cert	2012-08-26 13:49:40.000000000 -0400
+++ make-ssl-cert.new	2013-12-27 14:34:40.979406380 -0500
@@ -100,7 +100,7 @@
 # create the certificate.
 
 if [ "$1" != "generate-default-snakeoil" ]; then
-    if ! openssl req -config $TMPFILE -new -x509 -days 3650 -nodes \
+    if ! openssl req -config $TMPFILE -new -x509 -days 3650 -nodes -sha256 \
 	-out $output -keyout $output > $TMPOUT 2>&1
     then
 	echo Could not create certificate. Openssl output was: >&2

This would cause generated certificates to use the "sha256WithRSAEncryption" Signature Alogirthm. Most browsers support SHA-256, even quite old versions of Internet Explorer with the proper patches installed on the base OS:

http://blogs.technet.com/b/pki/archive/2010/09/30/sha2-and-windows.aspx

It would probably be sufficient to get this change into sid and jessie; backporting it to wheezy could be considered at a later time depending on when jessie is actually released and how long wheezy will be support (only 2015 or into 2016).

By doing this update now, there will hopefully be greater opportunity for testing of web browsers, as well as other software that uses SSL (Java, cURL, etc.), with SHA2-based algorithms.

Other options are SHA-384 (sha384WithRSAEncryption) and SHA-512 (sha512WithRSAEncryption):

$ openssl dgst -help 2>&1 | grep sha
-sha            to use the sha message digest algorithm
-sha1           to use the sha1 message digest algorithm
-sha224         to use the sha224 message digest algorithm
-sha256         to use the sha256 message digest algorithm
-sha384         to use the sha384 message digest algorithm
-sha512         to use the sha512 message digest algorithm

https://tools.ietf.org/html/rfc5754#section-3.2

I classified this bug as "normal" as it will have operation impact, though I can see it being thought of "wishlist" as well since that impact will be in the future.

-- System Information:
Debian Release: 7.0
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.10.9 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/dash

Versions of packages ssl-cert depends on:
ii  adduser                3.113+nmu3
ii  debconf [debconf-2.0]  1.5.49
ii  openssl                1.0.1e-2

ssl-cert recommends no packages.

Versions of packages ssl-cert suggests:
pn  openssl-blacklist  <none>

-- debconf information excluded

--- End Message ---
--- Begin Message --- 
Source: ssl-cert
Source-Version: 1.0.34

We believe that the bug you reported is fixed in the latest version of
ssl-cert, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 733255@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Stefan Fritsch <sf@debian.org> (supplier of updated ssl-cert package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Thu, 29 May 2014 16:44:30 +0200
Source: ssl-cert
Binary: ssl-cert
Architecture: source all
Version: 1.0.34
Distribution: unstable
Urgency: medium
Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org>
Changed-By: Stefan Fritsch <sf@debian.org>
Description: 
 ssl-cert   - simple debconf wrapper for OpenSSL
Closes: 733255
Changes: 
 ssl-cert (1.0.34) unstable; urgency=medium
 .
   * Switch to SHA2 for newly generated certificates. Closes: #733255
   * Bump Standards-Version (no changes).
Checksums-Sha1: 
 af9429dd04604b5952d29407844f2f07388aa50b 1626 ssl-cert_1.0.34.dsc
 194404dcd1f127cf4e24b20d99c92d20371b28ac 24800 ssl-cert_1.0.34.tar.xz
 cd3365f2f51d6616e5270ba31e7320556a8e7574 20858 ssl-cert_1.0.34_all.deb
Checksums-Sha256: 
 f091b25658e724e12b4d9860010dd6407d1a5b3ec177bd77debad3c37ed801ba 1626 ssl-cert_1.0.34.dsc
 5642df3e83102e59cda07028ff003c4d9231155c3797c67e9d848933cb993cb7 24800 ssl-cert_1.0.34.tar.xz
 bdf758c3ff86b182766cdaa0fd22393443418cd26370aa653d29a283c5bbfa46 20858 ssl-cert_1.0.34_all.deb
Files: 
 ae0c70bbdc38e8c20aa96485b992da6a 20858 utils optional ssl-cert_1.0.34_all.deb
 558a1d1fecdb3317bfee4afb4b0c66a2 1626 utils optional ssl-cert_1.0.34.dsc
 22c43f334dbb61a529ed95cd4424343e 24800 utils optional ssl-cert_1.0.34.tar.xz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBU4dIkcaHXzVBzv3gAQipjQ//ZB3wfWVqAAWhl6FTc2aGDJn3SPhFWT41
CbPbvRjw4YLO0JeRubhqultvy3RyzwVEBQyvNmHRCwoD3WIc6IM/+JnsqBiFCbdM
8T/ryYzBuFz3kTjeBWRCi46TFuXo5Uv7IIW/JvnPFBglUXHDUY+iHAgaoG1surE5
ge7cOhQwZjD3+JSSOkVm9b6l8YuPSdtkGg9c95lOLPJXzNbLnAGotvAFhMhv/jfy
XHqhdbGGhXraMKFHDgX5OWJiGWMgyNeSYmzHYmLHSqO7iXr1KWFFPIlPA4PC3aGQ
/e8jU2Fr64eOMySfoG73ow2a5Up15Mf2GmByefGNUMiDWsAkGgMMjmgGAp2pdjIT
nbAMCP6HVL04Iq8gZwpuZNErcqEkqY3XORfvQKXjI8e5AwO3kum6/r3zrKq3nh6/
MNLgNigzdijI8muM7i+eXhVc23/Rdcs49yS4c/dHhZTNITW7FNosVXAFqJGAs7Bs
9IFbH4WG9F084wpWyGSbj1ie/nVe7r6Fw24fUdcWuZFf7GVLLScURyStkkdMIi8e
v7IobEI9w7lsvvi/IMf5xAin5EM4rTBAzv7Ox88hn2UBj7rxhlP9zMxFUje+xfJ8
Y98X9GHqMQgJX7Dq8SP2O8YSUZohF6yIWT+UzHaOLU3h+/pwlb07UJVxiKGd5xpu
EIy0NB8PBvY=
=cjmi
-----END PGP SIGNATURE-----

--- End Message ---
Reply to: