Add TLS 1.2 breaking change #43582

richlander · 2024-11-15T00:27:03Z

In reference to dotnet/dotnet-docker#6039

Internal previews

📄 File	🔗 Preview link
docs/core/compatibility/8.0.md	Breaking changes in .NET 8
docs/core/compatibility/containers/8.0/default-ciphers-for-tls-changed.md	Debian 12 container images no longer support TLS 1.2
docs/core/compatibility/toc.yml	docs/core/compatibility/toc

gewarren

Thank you for adding this!

gewarren · 2024-11-15T00:30:45Z

docs/core/compatibility/toc.yml

Can you also add an entry on line 1263?

docs/core/compatibility/containers/8.0/default-ciphers-for-tls-changed.md

Co-authored-by: Genevieve Warren <[email protected]>

bartonjs · 2024-11-15T01:25:47Z

docs/core/compatibility/containers/8.0/default-ciphers-for-tls-changed.md

+description: Learn about the breaking change in containers where .NET 8 Debian container images no longer support TLS 1.2.
+ms.date: 08/29/2024
+---
+# Debian 12 container images no longer support TLS 1.2


That's not true.

Our default ciphersuite list allows any TLS 1.3 ciphersuite, and 8 TLS 1.2 ciphersuites.

The TLS 1.2 ciphersuites we allow aren't particularly esoteric, so it should be the case that we can, by default, talk to any TLS 1.2 endpoint.

Even if the default security level is non-zero, we still shouldn't be boxing out TLS 1.2:

$ openssl ciphers -s -stdname "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256" TLS_AES_256_GCM_SHA384 - TLS_AES_256_GCM_SHA384 TLSv1.3 Kx=any Au=any Enc=AESGCM(256) Mac=AEAD TLS_CHACHA20_POLY1305_SHA256 - TLS_CHACHA20_POLY1305_SHA256 TLSv1.3 Kx=any Au=any Enc=CHACHA20/POLY1305(256) Mac=AEAD TLS_AES_128_GCM_SHA256 - TLS_AES_128_GCM_SHA256 TLSv1.3 Kx=any Au=any Enc=AESGCM(128) Mac=AEAD TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 - ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(256) Mac=AEAD TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(128) Mac=AEAD TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(128) Mac=AEAD TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 - ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(256) Mac=SHA384 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 - ECDHE-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(128) Mac=SHA256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA384 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - ECDHE-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(128) Mac=SHA256 $ openssl ciphers -s -stdname "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:@SECLEVEL=0" TLS_AES_256_GCM_SHA384 - TLS_AES_256_GCM_SHA384 TLSv1.3 Kx=any Au=any Enc=AESGCM(256) Mac=AEAD TLS_CHACHA20_POLY1305_SHA256 - TLS_CHACHA20_POLY1305_SHA256 TLSv1.3 Kx=any Au=any Enc=CHACHA20/POLY1305(256) Mac=AEAD TLS_AES_128_GCM_SHA256 - TLS_AES_128_GCM_SHA256 TLSv1.3 Kx=any Au=any Enc=AESGCM(128) Mac=AEAD TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 - ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(256) Mac=AEAD TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(128) Mac=AEAD TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(128) Mac=AEAD TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 - ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(256) Mac=SHA384 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 - ECDHE-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(128) Mac=SHA256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA384 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - ECDHE-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(128) Mac=SHA256 $ openssl ciphers -s -stdname "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:@SECLEVEL=2" TLS_AES_256_GCM_SHA384 - TLS_AES_256_GCM_SHA384 TLSv1.3 Kx=any Au=any Enc=AESGCM(256) Mac=AEAD TLS_CHACHA20_POLY1305_SHA256 - TLS_CHACHA20_POLY1305_SHA256 TLSv1.3 Kx=any Au=any Enc=CHACHA20/POLY1305(256) Mac=AEAD TLS_AES_128_GCM_SHA256 - TLS_AES_128_GCM_SHA256 TLSv1.3 Kx=any Au=any Enc=AESGCM(128) Mac=AEAD TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 - ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(256) Mac=AEAD TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(128) Mac=AEAD TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(128) Mac=AEAD TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 - ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(256) Mac=SHA384 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 - ECDHE-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(128) Mac=SHA256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA384 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - ECDHE-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(128) Mac=SHA256 $ openssl ciphers -s -stdname "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:@SECLEVEL=5" TLS_AES_256_GCM_SHA384 - TLS_AES_256_GCM_SHA384 TLSv1.3 Kx=any Au=any Enc=AESGCM(256) Mac=AEAD TLS_CHACHA20_POLY1305_SHA256 - TLS_CHACHA20_POLY1305_SHA256 TLSv1.3 Kx=any Au=any Enc=CHACHA20/POLY1305(256) Mac=AEAD TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 - ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(256) Mac=AEAD TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 - ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(256) Mac=SHA384 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA384

That shows that OpenSSL 3.0.2 on Ubunutu 22.04 interprets our list as the same at the implicit security level, level 0, and level 2. By level 5 it is reduced, but still contains TLS 1.2 in the compatible protocols.

What is true is that, by default, SSL3, TLS 1.0, and TLS 1.1 are all no longer supported.

So, why do you think this results in a breaking change, then?

Add TLS 1.2 breaking change

a61643f

richlander requested review from gewarren and a team as code owners November 15, 2024 00:27

dotnetrepoman bot added this to the November 2024 milestone Nov 15, 2024

dotnetrepoman bot added the dotnet-fundamentals/svc label Nov 15, 2024

gewarren approved these changes Nov 15, 2024

View reviewed changes

richlander and others added 2 commits November 14, 2024 16:46

Apply suggestions from code review

a347c6d

Co-authored-by: Genevieve Warren <[email protected]>

Update other part of TOC

57b9c6b

bartonjs reviewed Nov 15, 2024

View reviewed changes

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add TLS 1.2 breaking change #43582

Add TLS 1.2 breaking change #43582

richlander commented Nov 15, 2024 •

edited by github-actions bot

Loading

gewarren left a comment

gewarren Nov 15, 2024

bartonjs Nov 15, 2024

bartonjs Nov 15, 2024

bartonjs Nov 15, 2024

richlander Nov 15, 2024

Add TLS 1.2 breaking change #43582

Are you sure you want to change the base?

Add TLS 1.2 breaking change #43582

Conversation

richlander commented Nov 15, 2024 • edited by github-actions bot Loading

Internal previews

gewarren left a comment

Choose a reason for hiding this comment

gewarren Nov 15, 2024

Choose a reason for hiding this comment

bartonjs Nov 15, 2024

Choose a reason for hiding this comment

bartonjs Nov 15, 2024

Choose a reason for hiding this comment

bartonjs Nov 15, 2024

Choose a reason for hiding this comment

richlander Nov 15, 2024

Choose a reason for hiding this comment

richlander commented Nov 15, 2024 •

edited by github-actions bot

Loading