Alexey Serbin created KUDU-2983:
-----------------------------------
Summary: webserver: remove TLS ciphers with RSA-based key exchange
Key: KUDU-2983
URL: https://issues.apache.org/jira/browse/KUDU-2983
Project: Kudu
Issue Type: Improvement
Components: master, security, tserver
Affects Versions: 1.11.0
Reporter: Alexey Serbin
Since squeasel supports ECDH-based algorithms as of
[d6a6b54b1|https://github.com/apache/kudu/commit/d6a6b54b175032c7d13d231ef6d156ef9d0e3ab0],
it's safe to remove ciphers with key exchange based on RSA for the Kudu embedded
webserver on every supported platform but CentOS6 (there we use
{{openssl-el6-workaround}}, which defines {{OPENSSL_NO_ECDH}}).

That's to follow [best
practices|https://wiki.mozilla.org/Security/Server_Side_TLS] of using only
forward secrecy-enabled ciphers. As of October 2019, let's use at least the
_Intermediate compatibility_ cipher list (it needs to be adjusted for CentOS7
since polynomial algos are sometimes not available there).

Also, that's to avoid security scan tools like [Qualys SSL Server
Test|https://www.ssllabs.com/ssltest/] from SSL Labs issuing warnings about
critical vulnerabilities such as [RobotAttack|https://robotattack.org/]. See
[this introduction
article|https://www.trustzone.com/the-robot-attack-rsa-encryption-is-vulnerable-choose-ecc-in-tls-ssl-certificates-to-ensure-security/]
for more context on replacing RSA with ECC for TLS key exchange.

The issue to remove ciphers with RSA-based key exchange for Kudu RPC is tracked
separately since it requires changing the type of the IPKI private key as well.

This is the list of ciphers to use on CentOS7 and newer for the Kudu webserver:
{noformat}
ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
{noformat}
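An added example, not part of the original issue or of Kudu's code: a small audit that reads an OpenSSL cipher string and reports every suite whose key exchange lacks forward secrecy. It assumes explicit TLS 1.2 suite names only (no keywords such as {{HIGH}} or {{!aNULL}}); {{LEGACY_SAMPLE}} and the function names are constructed for illustration.

```python
# Added example: flag suites without forward secrecy in an OpenSSL cipher string.
# Cipher list proposed in the issue for CentOS7 and newer.
KUDU_WEBSERVER_CIPHERS = (
    "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:"
    "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:"
    "DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384"
)
# Constructed "before" list for comparison; not taken from Kudu's source.
LEGACY_SAMPLE = (
    "ECDHE-RSA-AES128-GCM-SHA256:AES128-GCM-SHA256:AES256-SHA:DES-CBC3-SHA"
)

# OpenSSL name prefix -> (key exchange, forward secret?).
_KX_PREFIXES = (
    ("ECDHE-", "ECDHE", True),
    ("DHE-", "DHE", True),
    ("EDH-", "DHE", True),          # legacy alias for DHE
    ("ECDH-", "static ECDH", False),
    ("DH-", "static DH", False),
)


def classify(suite):
    """Return (key_exchange, forward_secret) for one TLS 1.2 suite name."""
    for prefix, kx, forward_secret in _KX_PREFIXES:
        if suite.startswith(prefix):
            return kx, forward_secret
    # No key-exchange prefix (e.g. AES128-GCM-SHA256) means RSA key exchange.
    # In ECDHE-RSA-* the "RSA" is only the signature algorithm, so matching
    # on the substring "RSA" would wrongly flag forward-secret suites.
    # Simplification: PSK-, SRP- and anonymous (ADH-/AECDH-) names are out of scope.
    return "RSA", False


def non_forward_secret(cipher_string):
    """List (suite, key_exchange) for every suite lacking forward secrecy."""
    findings = []
    for suite in filter(None, cipher_string.split(":")):
        kx, forward_secret = classify(suite)
        if not forward_secret:
            findings.append((suite, kx))
    return findings


if __name__ == "__main__":
    for label, ciphers in (("proposed", KUDU_WEBSERVER_CIPHERS),
                           ("legacy sample", LEGACY_SAMPLE)):
        print(label, non_forward_secret(ciphers) or "all forward secret")
```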