New issue
Advanced search Search tips

Issue 807276 link

Starred by 1 user
Status: Duplicate
Merged: issue 630147
Owner: ----
Closed: Jan 2018
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 3
Type: Bug



Sign in to add a comment

Weak security ciphers and no TLS 1.3 support

Reported by stu...@anchev.net, Jan 30 2018 
Chrome Version       : 64.0.3282.119
OS Version: openSUSE Leap 42.3
URLs (if applicable) : https://www.ssllabs.com/ssltest/viewMyClient.html
Other browsers tested:
  Add OK or FAIL after other browsers where you have tested this issue:
     Safari:
    Firefox:
    IE/Edge:

What steps will reproduce the problem?
1. https://www.ssllabs.com/ssltest/viewMyClient.html

What is the expected result?

No security weaknesses.


What happens instead of that?

Weak security ciphers and no TLS 1.3 support


Please provide any additional information below. Attach a screenshot if
possible.

Attached PDF.

UserAgentString: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.119 Safari/537.36
Qualys SSL Labs - Projects _ SSL Client Test.pdf
93.1 KB Download

Comment 1 by b...@chromium.org, Jan 30 2018

Components: Internals>Network>SSL
Mergedinto: 630147
Status: Duplicate (was: Unconfirmed)
TLS 1.3 is still in development.  Chrome has an up-to-date implementation as part of the engagement with the standardization process, but TLS 1.3 is not ready yet to be enabled by default.

Weak ciphers are unfortunately necessary for compatibility with legacy servers.  It is always a very difficult decision to deprecate a weak cipher, because while in the long run it puts pressure on the ecosystem to move forward, it hurts the users in the short term.  Rest assured that there is active efforts to deprecate weak ciphers.

I'm merging this issue into the TLS 1.3 tracking bug.

Comment 2 by davidben@chromium.org, Jan 30 2018 

We hope to roll out TLS 1.3 draft 23 with Chrome 65. It's been a long saga of dealing with buggy non-compliant middleboxes on the network, but hopefully it's finally nearing the end.

Sign in to add a comment