RFC 6176 - what’s in for you

As you may be aware RFC 6176 was published.

Basically the use of SSL 2.0 is prohibited on the client/server side.
The clients also must not use anymore the SSL 2.0 compatible Client Hello message.
On the server side there isn’t a stringent condition to not accept SSL 2.0 compatible Client Hello messages.

Will be interesting to see how vendors will react(big boys like MS look to have some work to do, as far as I know SSL 2.0 support for the server side is not disabled by default on the latest version of Schannel).

Right now the latest versions of desktop web browsers have disabled or dropped support for SSL 2.0.

But it’s not only about desktop web browsers, it’s about the entire client range(like email clients, FTP clients etc.).
Or for example forward web proxies doing HTTPS inspection may still use SSL 2.0. [2]

On the web servers side things are a little bit trickier.
To my knowledge, all IIS versions(namely 6.0, 7.0, 7.5) enable SSL 2.0 by default.
Apache’s situation may vary, depends against which SSL/TLS library is built and the underlying OS used. For example mod_nss comes with support for SSL 2.0 disabled by default and mod_gnutls does not support SSL 2.0. The Apache 2 web server(using the integrated mod_ssl) if built from source may come with SSL 2.0 enabled by default(also the Windows version from Apache’s web site seems to have SSL 2.0 enabled by default). If Linux is the underlying OS and the Apache version shipped with the Linux distro is used, things may vary from distro to distro.
Also reverse web proxies(like ISA Server 2006, Forefront TMG 2010, etc.) may enable SSL 2.0 by default.
On FTP servers, like IIS 7.0 on Windows 2008 Server(configured as described in [4]) SSL 2.0 is also enabled by default.

So an administrator who may want to make sure the use of SSL 2.0 is prohibited on his network, would need to perform checks in multiple areas(both client and server side, depends what he’s having on his network).

Web servers/reverse web proxies/load balancers(/possibly SSL VPN servers) admins, as usual, can check if SSL 2.0 is enabled on their servers with SSL Labs. [3]

You can test FTP servers like IIS 7.0 on Windows 2008 Server with:
openssl s_client -ssl2 -connect servername:21 -starttls ftp
A FTP test server with SSL 2.0 enabled can be found at ftp.secureftp-test.com, see details at http://www.secureftp-test.com/.

A SMTP server test(usable with smtp.live.com which supports SSL 2.0):
openssl s_client -ssl2 -starttls smtp –connect servername:587

Note that, for example, on a web sever, if you disable SSL 2.0, you may not, in the process, also reject SSL 2.0 compatible Client Hello messages. To do that may not be so straightforward(depends), and for now this is not recommended, since you may reject connections from forward web proxies doing HTTPS inspection like [2] or from clients using Internet Explorer 6.0.

[1] RFC 6176 Prohibiting Secure Sockets Layer (SSL) Version 2.0
http://tools.ietf.org/html/rfc6176

[2] SSL/TLS sloppy implementation of Astaro Security Gateway v8's outbound HTTPS inspection feature
http://www.carbonwind.net/blog/post/SSLTLS-sloppy-implementation-of-Astaro-Security-Gateway-v8s-outbound-HTTPS-inspection-feature.aspx

[3] SSL Labs
https://www.ssllabs.com/

[4] Using FTP Over SSL
http://learn.iis.net/page.aspx/304/using-ftp-over-ssl/

Comments are closed