Update ChangeLog and migration guide

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This commit is contained in:
Manuel Pégourié-Gonnard 2021-06-07 11:13:34 +02:00
parent 9371a40476
commit 3b5a7c198c
2 changed files with 27 additions and 8 deletions

View file

@ -1,11 +1,14 @@
Removals
* Remove the TLS 1.0, TLS 1.1 and DTLS 1.0 support by removing the following
library constants: MBEDTLS_SSL_PROTO_TLS1,
MBEDTLS_SSL_PROTO_TLS1_1, MBEDTLS_SSL_CBC_RECORD_SPLITTING,
* Remove support for TLS 1.0, TLS 1.1 and DTLS 1.0, as well as support for
CBC record splitting, fallback SCSV, and the ability to configure
ciphersuites per version, which are no longer relevant. This removes the
following public constants: MBEDTLS_SSL_PROTO_TLS1,
MBEDTLS_SSL_PROTO_TLS1_1, MBEDTLS_SSL_MINOR_VERSION_1,
MBEDTLS_SSL_MINOR_VERSION_2, MBEDTLS_SSL_CBC_RECORD_SPLITTING,
MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED,
MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED,
MBEDTLS_SSL_FALLBACK_SCSV, MBEDTLS_SSL_FALLBACK_SCSV_VALUE,
MBEDTLS_SSL_IS_FALLBACK, MBEDTLS_SSL_IS_NOT_FALLBACK, and functions:
MBEDTLS_SSL_IS_FALLBACK, MBEDTLS_SSL_IS_NOT_FALLBACK; and functions:
mbedtls_ssl_conf_cbc_record_splitting(),
mbedtls_ssl_get_key_exchange_md_ssl_tls(), mbedtls_ssl_conf_fallback().
Fixes #4286.
mbedtls_ssl_get_key_exchange_md_ssl_tls(), mbedtls_ssl_conf_fallback(),
mbedtls_ssl_conf_ciphersuites_for_version(). Fixes #4286.

View file

@ -3,9 +3,25 @@ Remove suport for TLS 1.0, 1.1 and DTLS 1.0
This change affects users of the TLS 1.0, 1.1 and DTLS 1.0 protocols.
The versions of (D)TLS that are being removed are not as secure as the latest
versions. Keeping them in the library creates opportunities for misconfiguration
These versions have been deprecated by RFC 8996.
Keeping them in the library creates opportunities for misconfiguration
and possibly downgrade attacks. More generally, more code means a larger attack
surface, even if the code is supposedly not used.
The migration path is to adopt the latest versions of the protocol.
As a consequence of removing 1.0, support for CBC record splitting was also
removed, as it was a work-around for a weakness in this particular version.
There is no migration path is no longer makes sense with newer versions.
As a consequence of currently supporting only one version of (D)TLS (and in the
future 1.3 which will have a different version negociation mechanism), support
for fallback SCSV (RFC 7507) was also removed. There is no migration path as
it's no longer useful with TLS 1.2 and later.
As a consequence of currently supporting only one version of (D)TLS (and in the
future 1.3 which will have a different concept of ciphersuites), support for
configuring ciphersuites separately for each version via
`mbedtls_ssl_conf_ciphersuites_for_version()` was removed. Use
`mbedtls_ssl_conf_ciphersuites()` to configure ciphersuites to use with (D)TLS
1.2; in the future a different API will be added for (D)TLS 1.3.