Domino on Linux/Unix, Troubleshooting, Best Practices, Tips and more ...

 
alt

Daniel Nashed

 

Apple App Transport Security

Daniel Nashed  22 July 2015 07:50:30
Apple is introducing a new standard for their next OS versions.
App Transport Security (ATS) is planned for iOS 9 and OS X 10.11.


The current plan is to only support
  • TLS 1.2
  • >= 2048 bit RSA
  • SHA-256 signed web server certificates
  • ECDHE!!


TLS 1.2 is a good idea, 2048 RSA keys are a good idea and SHA-256 is also a good idea because SHA-1 is rated as insecure.


The general requirement for PFS ciphers  
(https://en.wikipedia.org/wiki/Forward_secrecy) is a good idea from security point of view.
But not everyone is supporting ECDHE (Elliptic curve Diffie–Hellman). The normal DHE Ciphers should be perfectly be OK from security point of view.


Maybe Apple is just allowing ECHDE because they have less overhead compared to the normal DHE Ciphers.

On the other side if ECDHE ciphers would be compromised in any way this would leave us with no supported cipher suite at all for communication.


Usually the server is responsible for the order in which ciphers are selected. There are server settings (like in current Domino 9.0.1 versions) to allow the client to select the cipher order.

So in general having a short cipher list with only secure ciphers is a good idea to really ensure that a strong cipher is selected!


But that will leave out many applications and will put a lot of pressure on many vendors and also on administrators implementing the latest software versions on server side.


As an app developer you can change you application to allow less secure TLS versions and ciphers.
But if you are running a server and the application is build against a newer API without those exceptions you will have to provide this strong security standard.

See this link for details -->
https://developer.apple.com/library/prerelease/ios/technotes/App-Transport-Security-Technote

The Domino 8.5.x stack will not support TLS 1.2 and and SHA-256 because the code base does not include and SHA-256 support.


But even the current Domino 9.0.1 FP4 version does not completely comply with ATS. DHE is supported in the current Domino FPs and can be configured which would be a vaild and good PFS cipher. But that is not on the ATS list.
There is currently no support for ECDHE in native Domino.

So I am interested to see the feedback from software companies on this Apple move.


On the other side there are Apple servers not complying to those standards and we are still having issues with some Apple SMTP Servers using SSLV2Hello.

It's going to be interesting again to see what will happen when a vendor like Apple pushes standards so hard and in such a short time.

Update:
IBM officially announced that they are working on a IF that will introduce ECDHE for all important internet protocols.

http://www.ibm.com/support/docview.wss?uid=swg21966059

The timeline for the fix is end of September. So they will miss the very short timeline they had before iOS 9 will ship today by a couple of days.

-- Daniel


Comments

1CamelCase  22.07.2015 19:04:24  Apple App Transport Security

Thanks to Apple I'm quite sure IBM already is working on ECDHE for Domino, which also will elevate Domino to A+ on SSLLabs.

2Detlev Poettgen  23.07.2015 13:17:16  Apple App Transport Security

Daniel, thx for your post.

Yes, IBM should and must look into supporting ECDHE! Definitely!

From our tests the current iOS 9 Beta 3 is working together with a Domino 9.0.1 FP4 server accessing Traveler or using Safari to consume an XPages web application. We don't know if Apple will change this in the final release, but at the moment it works!

For app developers: Per default your app will only accept ECDHE ciphers running iOS9.As an app developer you can switch in your info.plist the IBM supported ciphers on.

A Domino server running an older version like Domino 8.5.3 can not be accessed from a device running iOS9. Because of missing TLS 1.2 and SHA-256 support.

So beside ECDHE you definitely should upgrade your systems to 9.0.1 FP4 to be prepared for iOS9 and may be there will be an additional IF coming from IBM to support ECDHE in near future.

The IBM Traveler, IBM Mobile Connect and the IBM Domino Security team is informed by Daniel and by us.

We all should wait for their answers before we are switching to panic mode.

But all admins out their, which are still running Domino 8.5.3 - you must update to 9.0.1 FP4 or add a reverse proxy in front of your Traveler server before iOS 9 arrives!

3Daniel Nashed  23.07.2015 14:18:44  Apple App Transport Security

Yes I fully agree, Detlev as stated before in my blog. And I have also tested with the latest iOS 9.0 4 Developer Beta. Still works and most of the ciphers are still present.

And yes all vendors have to look into ECDHE to be prepared. On the other side Apple should speak to other vendors before making a move like this and not just put it into the developer documentation of a beta release.

It's a big move! TLS 1.2 and SHA-256 + 2048 RSA keys should be best practice already.

And as posted before customers have to migrate from 8.5.3 to 9.0.1 latest and greatest asap! OK they need to wait until all issues with FP4 have been sorted out.

-- Daniel

4CamelCase  23.07.2015 20:16:45  Apple App Transport Security

Apple no more is in a position requiring to beg other vendors to support their own standards. They just define them, and the pack will need to follow otherwise will risk to fail.

Considering that DHE requires more horse power than ECDHE one may ask why IBM had not already implemented ECDHE in favor of DHE in the past.

5Christian Henseler  24.07.2015 8:59:24  Apple App Transport Security

While not directly affected at this moment, because we don't have to deal with Apple devices, I would already be happy to get a stable Traveler 9.0.1.x version once again/finally.

For quite some time we have to fight against stability problems with every new Traveler 9.0.1 IF which is pretty annoying.

6Markku Hänninen  03.08.2015 12:12:23  Apple App Transport Security

Hi

In some cases we have moved to using apache proxy on same server as solution to Domino web problems. While Domino web technology with xpages etc. moves forward, the domino web server and its controls are archaic. I can't understand why IBM has not upgraded it if they are going to continue using it.

Apache proxy takes so little overhead on top of Domino server that in most cases the only thing we need is one additional IP address internally to bind domino in it while using apache proxy externally. As we communicate between apache proxy and domino without SSL (as it is internal server communication), we can provide any SSL configuration to apache external SSL.

Links

    Archives


    • [HCL Domino]
    • [Domino on Linux]
    • [Nash!Com]
    • [Daniel Nashed]