[Bug 1834671] Re: TLSv1.3 client certificate authentication with renegotiation unsupported in browsers
** No longer affects: apache2 (Ubuntu) ** No longer affects: apache2 (Ubuntu Bionic) ** No longer affects: apache2 (Ubuntu Disco) ** No longer affects: apache2 (Ubuntu Eoan) ** No longer affects: chromium (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1834671 Title: TLSv1.3 client certificate authentication with renegotiation unsupported in browsers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1834671/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1834671] Re: TLSv1.3 client certificate authentication with renegotiation unsupported in browsers
** No longer affects: chromium (Ubuntu Bionic) ** No longer affects: chromium (Ubuntu Disco) ** No longer affects: chromium (Ubuntu Eoan) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1834671 Title: TLSv1.3 client certificate authentication with renegotiation unsupported in browsers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1834671/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1834671] Re: TLSv1.3 client certificate authentication with renegotiation unsupported in browsers
This is implemented in firefox, but not enabled by default indeed. See https://hg.mozilla.org/mozilla-central/rev/1bb8ad865648: // Turn off post-handshake authentication for TLS 1.3 by default, // until the incompatibility with HTTP/2 is resolved: // https://tools.ietf.org/html/draft-davidben-http2-tls13-00 pref("security.tls.enable_post_handshake_auth", false); And chrom{e,ium} isn't even considering implementing it until the specification is clarified. ** Changed in: chromium (Ubuntu Bionic) Status: New => Confirmed ** Changed in: chromium (Ubuntu Disco) Status: New => Confirmed ** Changed in: chromium (Ubuntu Eoan) Status: New => Confirmed ** Changed in: firefox (Ubuntu Bionic) Status: New => Fix Released ** Changed in: firefox (Ubuntu Disco) Status: New => Fix Released ** Changed in: firefox (Ubuntu Eoan) Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1834671 Title: TLSv1.3 client certificate authentication with renegotiation unsupported in browsers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1834671/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1834671] Re: TLSv1.3 client certificate authentication with renegotiation unsupported in browsers
** Changed in: firefox (Ubuntu Bionic) Assignee: (unassigned) => Olivier Tilloy (osomon) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1834671 Title: TLSv1.3 client certificate authentication with renegotiation unsupported in browsers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1834671/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1834671] Re: TLSv1.3 client certificate authentication with renegotiation unsupported in browsers
This can be enabled in firefox 68+ by going to "about:config" and setting security.tls.enable_post_handshake_auth to true. It's disabled by default (from upstream), not sure why. ** Changed in: apache2 (Ubuntu Bionic) Status: New => Invalid -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1834671 Title: TLSv1.3 client certificate authentication with renegotiation unsupported in browsers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1834671/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1834671] Re: TLSv1.3 client certificate authentication with renegotiation unsupported in browsers
seen with bionic as well ** Also affects: apache2 (Ubuntu Bionic) Importance: Undecided Status: New ** Also affects: chromium (Ubuntu Bionic) Importance: Undecided Status: New ** Also affects: firefox (Ubuntu Bionic) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1834671 Title: TLSv1.3 client certificate authentication with renegotiation unsupported in browsers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1834671/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1834671] Re: TLSv1.3 client certificate authentication with renegotiation unsupported in browsers
** Changed in: firefox (Ubuntu Eoan) Assignee: (unassigned) => Olivier Tilloy (osomon) ** Changed in: firefox (Ubuntu Disco) Assignee: (unassigned) => Olivier Tilloy (osomon) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1834671 Title: TLSv1.3 client certificate authentication with renegotiation unsupported in browsers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1834671/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1834671] Re: TLSv1.3 client certificate authentication with renegotiation unsupported in browsers
There is nothing that needs fixing in Apache here, it's a client (i.e., browser) issue. ** Also affects: firefox (Ubuntu) Importance: Undecided Status: New ** Also affects: chromium (Ubuntu) Importance: Undecided Status: New ** Changed in: apache2 (Ubuntu Disco) Status: Confirmed => Invalid ** Changed in: apache2 (Ubuntu Eoan) Status: Confirmed => Invalid -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1834671 Title: TLSv1.3 client certificate authentication with renegotiation unsupported in browsers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1834671/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1834671] Re: TLSv1.3 client certificate authentication with renegotiation unsupported in browsers
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: apache2 (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1834671 Title: TLSv1.3 client certificate authentication with renegotiation unsupported in browsers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1834671/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1834671] Re: TLSv1.3 client certificate authentication with renegotiation unsupported in browsers
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: apache2 (Ubuntu Disco) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1834671 Title: TLSv1.3 client certificate authentication with renegotiation unsupported in browsers To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1834671/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs