
aisio | 4 years ago

Many enterprises use a FIPS SSL proxy for all employees' web traffic, so all websites with these Let's Encrypt certificates will effectively be invalidated if the proxies are using OpenSSL FIPS modules, same for FIPS client-side applications.


jeroenhd|4 years ago

It seems quite silly to me to enforce a massive MitM attack while at the same time sticking to the FIPS standards. Then again, a lot of governmental and financial security requirements are nonsensical to me, like mandatory password changes.

When I, as a website host, need to choose between accepting millions of Android devices or a few organizations with an esoteric security configuration, I'll go for the Android devices.

AFAIK Windows FIPS mode is unaffected by the OpenSSL bug, so not all FIPS modules will have trouble with the Let's Encrypt certificate. A Windows-based MitM-attack won't have this problem.

The best solution here would be for OpenSSL to have a FIPS release ready before September, or to release a patched version of 1.0.X, but that still won't help companies that cannot or will not update their software.

alias_neo|4 years ago

Some of it is misguided, some of it is legacy, other parts _do_ make sense to the people involved.

Mandatory password changes for example have not been recommended[0] by NCSC in the UK since ~2018. Continuing to do so is either legacy or misguided.

As for "MitM", it's usually due to regulatory requirements to protect and inspect at boundaries to and from an organisation's network.

FIPS and OpenSSL is an interesting subject. Many organisations rely on it, yet relatively few contribute financially. When 1.1.X and subsequent versions came along and had no FIPS 140-2, orgs were forced to wait it out until someone else pays to get it accredited or pony up and help the process along. I haven't looked lately at how much has been contributed to the effort but I suspect it's still pretty low considering how much of the world relies on OpenSSL.

[0] https://www.ncsc.gov.uk/collection/passwords/updating-your-a...

0xbadcafebee|4 years ago

> It seems quite silly to me to enforce a massive MitM attack while at the same time sticking to the FIPS standards.

Well they're two different things. One is an often government-mandated security standard. The other is a business requirement to be able to audit network traffic, which is also often a government-mandated requirement (due to regulations, due diligence, contractual requirements, etc).

People making tech stuff very often forget that the entire world does not work based on "technical best practices", it works on laws and contracts and customer/business requirements. In the real world there is often no perfect way to satisfy all requirements.

tyingq|4 years ago

I don't have a lot of sympathy for the companies in this situation. If you want to MITM all your employees' traffic, then you accept the burden of dealing with stuff like this periodically.

hannob|4 years ago

I guess that will give them an incentive to fix those devices quickly.

josephcsible|4 years ago

Ha, good one. For the average company that breaks SSL, I expect something like this instead: "new corporate policy update: for security reasons, you're no longer allowed to visit HTTPS Web sites that use Let's Encrypt. If the Web site you want to visit still allows HTTP, that continues to be acceptable."