Google Sets Minimum TLS Standards, Will Disable SSL3 And RC4 For Its Servers
Google announced on its security blog that it will soon disable the obsolete SSL3 protocol and the RC4 cipher on its front-end servers. The company also established new recommended minimum TLS standards that it hopes others will support over the next few years. The same standards will be required of any software that needs certification from Google (such as on Android).
RC4, a 28-year-old cipher, has been the target of many attacks in the past few years, and the IETF and Google, as well as Mozilla and Microsoft, all agree that it's time to retire it.
SSL3 was made obsolete 16 years ago when the TLS 1.0 protocol was announced to replace it, and the IETF has also said recently that it shouldn't be used anymore. Many browsers and servers still supported it until a year ago, when several of Google's researchers uncovered the POODLE attack, which could downgrade secure HTTPS connections to using the weaker SSL3.
There have been other similar attacks because browsers simply didn't clean out obsolete cipher suites that are no longer secure, on the belief that some websites might still be using them. That's why Google is also establishing recommended minimum standards for the future, so websites and other TLS clients can proactively upgrade to safer protocols in a reasonable time, rather than doing it after an attack happens.
Because many embedded systems, as well as other client applications that connect to Google's services, can't be easily updated to support new crypto protocols, Google recommends that new devices and apps should adopt the following:
1. TLS 1.2 must be supported.
2. A Server Name Indication (SNI) extension must be included in the handshake and must contain the domain that it's being connected to.
3. The cipher suite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 must be supported with P-256 and uncompressed points.
4. At least the certificates in https://pki.google.com/roots.pem must be trusted.
5. Certificate handling must be able to support DNS Subject Alternative Names and those SANs may include a single wildcard as the left-most label in the name.
This should ensure that the clients will be compatible with Google's servers at least through 2020. If they don't meet these requirements, the connections might still work unless the clients only support SSL3 and RC4.
To make testing easier, Google has set up https://cert-test.sandbox.google.com, which requires that points 1-3 (above) are met for a connection to be established. Otherwise, the developers will need to update their crypto libraries and configurations.
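A local pre-check of a Python client against the protocol, cipher and wildcard-SAN requirements can run before any network test. This is an added example, not code from Google or from the article; the function names are hypothetical, the curve, point format and root store are not checked, and rejecting `*.com`-style patterns is an added conservative choice.

```python
import ssl

# OpenSSL's name for TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
REQUIRED_CIPHER = "ECDHE-RSA-AES128-GCM-SHA256"

def baseline_context():
    """Client context pinned to the article's floor: TLS 1.2+ and the required suite."""
    ctx = ssl.create_default_context()            # verifies certificates and hostnames
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2  # refuses SSL3, TLS 1.0 and TLS 1.1
    ctx.set_ciphers(REQUIRED_CIPHER)              # raises ssl.SSLError if unavailable
    return ctx

def audit_context(ctx):
    """Report whether a client context meets the protocol and cipher requirements."""
    names = {c["name"] for c in ctx.get_ciphers()}
    return {
        "tls1.2_available": ssl.HAS_TLSv1_2,
        "sni_available": ssl.HAS_SNI,  # SNI is sent when wrap_socket gets server_hostname
        "ssl3_disabled": bool(ctx.options & ssl.OP_NO_SSLv3),
        "required_cipher": REQUIRED_CIPHER in names,
        "rc4_offered": any("RC4" in n for n in names),
    }

def san_matches(pattern, hostname):
    """Match a DNS SAN; '*' is honoured only as the entire left-most label."""
    p = pattern.lower().rstrip(".").split(".")
    h = hostname.lower().rstrip(".").split(".")
    if len(p) != len(h) or "" in h:
        return False                  # a wildcard never spans more than one label
    if any("*" in label for label in p[1:]):
        return False                  # wildcard outside the left-most label
    if p[0] == "*":
        # Added conservative choice (not from the article): refuse "*.com"-style SANs.
        return len(p) > 2 and p[1:] == h[1:]
    if "*" in p[0]:
        return False                  # partial wildcard such as "w*"
    return p == h

if __name__ == "__main__":
    for key, value in audit_context(baseline_context()).items():
        print(f"{key}: {value}")
    # Constructed sample names, not taken from any real certificate.
    for pat, host in [("*.example.com", "www.example.com"),
                      ("*.example.com", "a.b.example.com"),
                      ("www.*.example.com", "www.x.example.com")]:
        print(pat, host, san_matches(pat, host))
```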