
Bug #17333

Thunderbird: Support current and future TLS protocol versions

Added by alster about 1 month ago. Updated 10 days ago.

Status: Resolved
Priority: Normal
Assignee:
Category: -
Target version: -
Start date:
Due date:
% Done: 100%
Feature Branch: bugfix/17333-support-tls-1.3
Type of work: Code
Blueprint:
Starter:
Affected tool: Email Client

Description

Mozilla Thunderbird, as shipped in TAILS 4.1, currently supports TLSv1.2 as the highest protocol version according to the security.tls.version.max=3 preference. However, TLSv1.3 has been specified and implementations are available and in use, so TAILS should consider supporting TLSv1.3 (security.tls.version.max=4) and potentially any newer protocol versions (security.tls.version.max=0 - please verify!).

Related code: tails.git:/config/chroot_local-includes/etc/thunderbird/pref/thunderbird.js

Please discuss the following:

  1. Should TLSv1.3 be supported in Thunderbird in TAILS?
    To consider:
    • Does TLSv1.3 introduce new privacy risks, and if so, which additional counter measures would be needed? Has this been discussed elsewhere previously (Firefox in TAILS 4.1 already supports TLSv1.3) and are these findings applicable to Thunderbird?
    • If TLSv1.3 introduces new privacy risks, do its new security and privacy features/properties outweigh its (mitigatable?) privacy risks?
  2. Should the maximum TLS protocol version continue to be fixed to a specific version in Thunderbird in TAILS (in contrary to Firefox, I assume - please verify!) or should any upstream TLS protocol version support land into Thunderbird on TAILS unhindered?
    To consider:
    • What is the risk trade-off between inadvertently supporting newer TLS protocol versions which have not yet undergone privacy risk assessment through Tor/TAILS vs. missing out on new security and privacy features newer TLS protocol versions may introduce (and have done in the past).
    • If a decision is made here to continue restricting the maximum TLS protocol version supported, should this also be applied to other software (and the system as a whole) in TAILS?
Testing Thunderbird TLS protocol support on TAILS:
  • Start Thunderbird
  • Create any account
  • Access the menu using the ☰ Hamburger icon
  • Navigate to Tools ► Developer Tools ► Error Console
  • Type window.open('https://www.ssllabs.com/ssltest/viewMyClient.html'); and press Enter
  • An e-mail compositor window opens with a ("simple HTML") rendering of this web page embedded in its mail body.

Associated revisions

Revision 8933c830 (diff)
Added by segfault about 1 month ago

Make Thunderbird support TLS 1.3 (refs: #17333)

Revision 3ab955e9 (diff)
Added by segfault about 1 month ago

Make Thunderbird support TLS 1.3 (refs: #17333)

Revision 1ba8e598
Added by segfault 10 days ago

Merge branch 'bugfix/17333-support-tls-1.3' into stable (Closes: #17333)

History

#1 Updated by alster about 1 month ago

intrigeri (or, potentially, someone posing as this person on TAILS XMPP chat) pointed out that the TAILS Thunderbird source code commit which introduces the maximum TLS version preference points to this bug report against TorBirdy - which discusses security.tls.version.min but not security.tls.version.max:
https://trac.torproject.org/projects/tor/ticket/20751

#2 Updated by intrigeri about 1 month ago

@segfault, what do you think?

#3 Updated by segfault about 1 month ago

  • Status changed from New to In Progress

#4 Updated by segfault about 1 month ago

  • Assignee set to segfault
  • Feature Branch set to bugfix/17333-support-tls-1.3

alster wrote:

Mozilla Thunderbird, as shipped in TAILS 4.1, currently supports TLSv1.2 as the highest protocol version according to the security.tls.version.max=3 preference. However, TLSv1.3 has been specified and implementations are available and in use, so TAILS should consider supporting TLSv1.3 (security.tls.version.max=4) and potentially any newer protocol versions (security.tls.version.max=0 - please verify!).

Thanks for reporting this!

We adopted this pref setting from TorBirdy. When I went through the settings to sanity check them, I used the MozillaZine Knowledge Base, which said that "both security.tls.version.min and security.tls.version.max can currently range from 0 to 3" [1]. That seems to be outdated info. I should have double checked that. Unfortunately, official documentation of these preferences is very poor, and reading up on the code that uses them was too much work for all the preferences in the short time we had to replace TorBirdy.

[1] http://kb.mozillazine.org/Security.tls.version.*

The security.tls.version settings were last touched by TorBirdy devs in March 2017 - before Firefox and Thunderbird supported TLS 1.3 [2]. So I assume that the TorBirdy devs didn't deliberately decide to not support TLS 1.3, but that they didn't think of updating this setting when TLS 1.3 was supported in Thunderbird. @azadi, can you confirm that?

[2] https://blog.mozilla.org/security/2018/08/13/tls-1-3-published-in-firefox-today/

  1. Should TLSv1.3 be supported in Thunderbird in TAILS?
    To consider:
    • Does TLSv1.3 introduce new privacy risks, and if so, which additional counter measures would be needed? Has this been discussed elsewhere previously (Firefox in TAILS 4.1 already supports TLSv1.3) and are these findings applicable to Thunderbird?

Since the Tor Browser supports TLS 1.3, IMO it's safe to assume that there are no significant privacy concerns.

  2. Should the maximum TLS protocol version continue to be fixed to a specific version in Thunderbird in TAILS (in contrary to Firefox, I assume - please verify!) or should any upstream TLS protocol version support land into Thunderbird on TAILS unhindered?

I'm not sure what the reason is for setting the security.tls.version.max preference. I think it should be safe to just use the default value, which is currently 4. @azadi, do you know why you originally set the security.tls.version.max pref in addition to security.tls.version.min?

I pushed a commit which drops the security.tls.version.max pref, to see if the tests still pass on Jenkins.

#5 Updated by intrigeri about 1 month ago

I'm not sure what the reason is for setting the security.tls.version.max preference. I think it should be safe to just use the default value, which is currently 4.

Yeah, from a long-term sustainability/maintenance PoV, I concur: we've had examples in the past where our clever custom settings that were meant to improve users' safety bitrotted, and a few years later, it turned out that we were effectively decreasing users' safety, because the world had moved on and the default settings had become more hardened than our custom ones.

@azadi, do you know why you originally set the security.tls.version.max pref in addition to security.tls.version.min?

I'm curious too!
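As an added example (not Tails code and not part of this ticket), a small Python check for the situation raised in the Description and in comment #5: it parses a Mozilla-style prefs file such as thunderbird.js, reads security.tls.version.min and security.tls.version.max, and flags a maximum pinned below the upstream default (code 4, TLS 1.3, as stated in comment #4), a minimum below TLS 1.2 (an assumed hardening baseline, not a Tails policy), or a min/max pair that rules out every version. The pref lines in the samples are constructed; the version-code table covers only 1 to 4, so the value 0 that the Description asks to have verified is reported as unknown rather than interpreted as "no maximum".

```python
import re
from typing import Dict, List, Optional

# Version codes for security.tls.version.{min,max} as used in this ticket
# (3 = TLS 1.2, 4 = TLS 1.3); 1 and 2 are TLS 1.0 and TLS 1.1.
# 0 is deliberately absent: the ticket asks for its meaning to be verified,
# so the check reports it as unknown instead of treating it as "no maximum".
TLS_VERSION_NAMES = {1: "TLS 1.0", 2: "TLS 1.1", 3: "TLS 1.2", 4: "TLS 1.3"}

# Upstream default for security.tls.version.max at the time of the ticket (comment #4).
UPSTREAM_DEFAULT_MAX = 4
# Assumed hardening baseline for security.tls.version.min (TLS 1.2); not a Tails policy.
HARDENED_MIN = 3

# Matches pref("name", value); and the user_pref / lockPref spellings.
PREF_RE = re.compile(r'^(?:user_pref|lockPref|pref)\(\s*"([^"]+)"\s*,\s*(.*?)\s*\)\s*;')


def parse_prefs(text: str) -> Dict[str, str]:
    """Parse a Mozilla prefs file (thunderbird.js / prefs.js style) into name -> raw value.

    A later definition of the same pref overrides an earlier one, as it does
    when Thunderbird loads the file. Comment lines are skipped.
    """
    prefs: Dict[str, str] = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("//") or line.startswith("#"):
            continue
        m = PREF_RE.match(line)
        if m:
            prefs[m.group(1)] = m.group(2)
    return prefs


def _as_int(raw: Optional[str]) -> Optional[int]:
    """Integer value of a pref, or None if the pref is absent or not an integer."""
    if raw is None:
        return None
    try:
        return int(raw)
    except ValueError:
        return None


def audit_tls_versions(prefs: Dict[str, str]) -> List[str]:
    """Return findings about the TLS version bounds; an empty list means nothing to flag."""
    findings: List[str] = []
    vmin = _as_int(prefs.get("security.tls.version.min"))
    vmax = _as_int(prefs.get("security.tls.version.max"))

    if vmax is not None:
        if vmax not in TLS_VERSION_NAMES:
            findings.append(
                f"security.tls.version.max={vmax} is not a known version code; "
                "verify what the running build does with it before relying on it"
            )
        elif vmax < UPSTREAM_DEFAULT_MAX:
            findings.append(
                f"security.tls.version.max pinned to {TLS_VERSION_NAMES[vmax]} (code {vmax}), "
                f"below the upstream default {TLS_VERSION_NAMES[UPSTREAM_DEFAULT_MAX]}: "
                "newer protocol versions are disabled and the setting may have bitrotted"
            )
    if vmin is not None:
        if vmin not in TLS_VERSION_NAMES:
            findings.append(f"security.tls.version.min={vmin} is not a known version code")
        elif vmin < HARDENED_MIN:
            findings.append(
                f"security.tls.version.min allows {TLS_VERSION_NAMES[vmin]} (code {vmin}), "
                f"below the {TLS_VERSION_NAMES[HARDENED_MIN]} baseline"
            )
    if vmin is not None and vmax is not None and vmin > vmax:
        findings.append(
            "security.tls.version.min exceeds security.tls.version.max: no version can be negotiated"
        )
    return findings


# Constructed samples in the style of thunderbird.js; not the real Tails file.
SAMPLE_PINNED = """
// TLS bounds inherited from TorBirdy (constructed sample)
pref("security.tls.version.min", 3);
pref("security.tls.version.max", 3);
pref("network.proxy.socks", "127.0.0.1");
"""

# The same sample after dropping the max pref, as the ticket's fix branch does.
SAMPLE_FIXED = """
pref("security.tls.version.min", 3);
pref("network.proxy.socks", "127.0.0.1");
"""

if __name__ == "__main__":
    for label, sample in (("pinned", SAMPLE_PINNED), ("fixed", SAMPLE_FIXED)):
        findings = audit_tls_versions(parse_prefs(sample))
        for line in findings or ["no pinned TLS bound to flag"]:
            print(f"[{label}] {line}")
```

Running it against the real file path named in the Description (tails.git:/config/chroot_local-includes/etc/thunderbird/pref/thunderbird.js) is a one-line change in the usage block; the point of the check is the one intrigeri makes in comment #5, that a pinned bound needs to be re-evaluated every time the upstream default moves, and a script like this makes that re-evaluation cheap enough to run in CI.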

#6 Updated by intrigeri 19 days ago

Hi segfault!

I've verified that Tor Browser does not change the default value of security.tls.version.max. Then I've looked in the Firefox..Tor Browser diff, and I could not find any other change that would have been made specifically in order to make TLS 1.3 safe. So I would feel comfortable merging this without blocking on azadi's input.

Jenkins is happy with this branch. I'd like to merge it in time for Tails 4.2. May I do that? Or is there anything else that you'd like to see happen/done first?

#7 Updated by segfault 10 days ago

intrigeri wrote:

I've verified that Tor Browser does not change the default value of security.tls.version.max. Then I've looked in the Firefox..Tor Browser diff, and I could not find any other change that would have been made specifically in order to make TLS 1.3 safe. So I would feel comfortable merging this without blocking on azadi's input.

Jenkins is happy with this branch. I'd like to merge it in time for Tails 4.2. May I do that? Or is there anything else that you'd like to see happen/done first?

Argh, I missed this. I will merge it now.

#8 Updated by segfault 10 days ago

  • Status changed from In Progress to Resolved
  • % Done changed from 0 to 100
