#3229 Change: Make OpenSSL distrust SHA-1 signatures by default
Closed: Accepted 7 months ago by zbyszek. Opened 7 months ago by amoloney.

OpenSSL will no longer trust cryptographic signatures using SHA-1 by default, starting from Fedora 41.

Owners, do not implement this work until the FESCo vote has explicitly ended.
The Fedora Program Manager will create a tracking bug in Bugzilla for this Change, which is your indication to proceed.
See the FESCo ticket policy and the Changes policy for more information.

REMINDER: This ticket is for FESCo members to vote on the proposal. Further discussion should happen in the devel list thread linked above.


The devel discussion indicated that this will break DNSSEC. I'm a bit wary of breaking that by default.

-1

Metadata Update from @ngompa:
- Issue tagged with: meeting

7 months ago

Metadata Update from @ngompa:
- Issue tagged with: system wide change

7 months ago

This will be discussed in the meeting today at 17:00 UTC.

> The devel discussion indicated that this will break DNSSEC. I'm a bit wary of breaking that by default.
>
> -1

For completeness, it's this message: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/SGVN7MRZDSSOTD4Q445QJN72DLAPOBDI/

Also - there are questions over packaging runcp that the change owner has not answered yet. I might be persuaded to vote +1 conditional on runcp being packaged and it being possible to automatically use the legacy policy for DNS resolvers (or the change owners confirming that there are no additional resolvers in Fedora, since the RHEL ones have been patched per Clemens' reply)

This was discussed during the meeting:
APPROVED: Accept the Change and disallow SHA-1 by default. Mitigations exist for individual applications to re-enable it if absolutely necessary (+7, 0, -1)

Metadata Update from @zbyszek:
- Issue untagged with: meeting
- Issue close_status updated to: Accepted
- Issue status updated to: Closed (was: Open)

7 months ago

@ngompa was correct that this will have issues with DNSSEC, but not with the bind or unbound components. We had to find a way to make it work well enough. But systemd-resolved did not prepare in a similar way. Not only resolution of SHA-1-signed names is broken; basically all unsupported algorithms behave the same way.

Filed https://bugzilla.redhat.com/show_bug.cgi?id=2325406
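
The comment above describes the DNSSEC failure mode at stake: what a validating resolver does with a delegation whose DS RRset only lists algorithms it can no longer verify. The following is an added illustration written for this page; it is not code from the ticket, from bind, unbound or systemd-resolved, and it makes no claim about how any of them is implemented. It contrasts the rule in RFC 4035 section 5.2 and RFC 6840 section 5.2 (unsupported DS algorithm or digest type means the child zone is treated as insecure, i.e. unsigned, not bogus) with a stricter validator that treats every DS it cannot verify as a validation failure and therefore returns SERVFAIL for every name under a zone signed only with SHA-1 algorithms. Algorithm and digest numbers are from the IANA DNSSEC registries; the zones, key tags and the `verifies` callback that stands in for real DNSKEY/RRSIG verification are constructed.

```python
"""Handling of a delegation whose DS RRset lists only algorithms the validator no
longer supports (e.g. after OpenSSL stops verifying SHA-1 signatures).

Added illustration, not code from the Fedora ticket or from any resolver.  Algorithm
and digest numbers come from the IANA DNSSEC registries; the zones are constructed."""
from dataclasses import dataclass
from enum import Enum

# IANA DNS Security Algorithm Numbers (subset)
DSA, RSASHA1, DSA_NSEC3_SHA1, RSASHA1_NSEC3_SHA1 = 3, 5, 6, 7
RSASHA256, RSASHA512, ECDSAP256SHA256, ECDSAP384SHA384, ED25519 = 8, 10, 13, 14, 15
# IANA DS digest types
DS_SHA1, DS_SHA256, DS_SHA384 = 1, 2, 4

# Algorithms whose RRSIGs are SHA-1 *signatures*: unusable once OpenSSL refuses to
# verify SHA-1 signatures.  A DS record with digest type 1 only needs a SHA-1 *hash*
# of the DNSKEY, which is not a signature, so DS_SHA1 stays supported here.
SHA1_SIGNATURE_ALGS = {DSA, RSASHA1, DSA_NSEC3_SHA1, RSASHA1_NSEC3_SHA1}
SUPPORTED_ALGS_BEFORE = {RSASHA1, RSASHA1_NSEC3_SHA1, RSASHA256, RSASHA512,
                         ECDSAP256SHA256, ECDSAP384SHA384, ED25519}
SUPPORTED_ALGS_AFTER = SUPPORTED_ALGS_BEFORE - SHA1_SIGNATURE_ALGS
SUPPORTED_DIGESTS = {DS_SHA1, DS_SHA256, DS_SHA384}


class State(Enum):
    SECURE = "secure"      # a supported DS led to a verified DNSKEY/RRSIG chain
    INSECURE = "insecure"  # no supported DS: treat the zone as unsigned and answer
    BOGUS = "bogus"        # a supported path existed but verification failed: SERVFAIL


@dataclass(frozen=True)
class DS:
    key_tag: int
    algorithm: int
    digest_type: int


def classify_rfc(ds_rrset, supported_algs, supported_digests, verifies):
    """RFC 4035 s5.2 / RFC 6840 s5.2: DS records with an unsupported algorithm or
    digest type are ignored; if none remain, the child zone is INSECURE, not BOGUS.
    `verifies(ds)` stands in for fetching the DNSKEY, matching it against the DS and
    verifying the RRSIGs; one good chain is enough (RFC 6840 s5.11)."""
    usable = [ds for ds in ds_rrset
              if ds.algorithm in supported_algs and ds.digest_type in supported_digests]
    if not usable:
        return State.INSECURE
    return State.SECURE if any(verifies(ds) for ds in usable) else State.BOGUS


def classify_strict(ds_rrset, supported_algs, supported_digests, verifies):
    """The failure mode described in the thread (illustrative, not any real resolver's
    code): every DS the validator cannot verify counts as a failed validation, so
    removing SHA-1 from `supported_algs` turns SHA-1-only zones into SERVFAIL."""
    for ds in ds_rrset:
        if (ds.algorithm in supported_algs and ds.digest_type in supported_digests
                and verifies(ds)):
            return State.SECURE
    return State.BOGUS


# Constructed delegations (key tags are arbitrary).
SHA1_ONLY_ZONE = (DS(12345, RSASHA1, DS_SHA1), DS(12345, RSASHA1, DS_SHA256))
MIXED_ZONE = (DS(12345, RSASHA1, DS_SHA256), DS(23456, ECDSAP256SHA256, DS_SHA256))
MODERN_ZONE = (DS(34567, ECDSAP256SHA256, DS_SHA256),)


def verify_good(ds):
    """Stand-in verifier: every supported chain verifies."""
    return True


def verify_tampered(ds):
    """Stand-in verifier for a zone whose RRSIGs do not check out."""
    return False


def demo():
    """Outcome of each scenario as (rfc_behaviour, strict_behaviour)."""
    cases = {
        "sha1-only zone, SHA-1 still accepted": (SHA1_ONLY_ZONE, SUPPORTED_ALGS_BEFORE, verify_good),
        "sha1-only zone, SHA-1 distrusted": (SHA1_ONLY_ZONE, SUPPORTED_ALGS_AFTER, verify_good),
        "mixed zone, SHA-1 distrusted": (MIXED_ZONE, SUPPORTED_ALGS_AFTER, verify_good),
        "modern zone, signatures do not verify": (MODERN_ZONE, SUPPORTED_ALGS_AFTER, verify_tampered),
    }
    return {name: (classify_rfc(ds, algs, SUPPORTED_DIGESTS, v),
                   classify_strict(ds, algs, SUPPORTED_DIGESTS, v))
            for name, (ds, algs, v) in cases.items()}


if __name__ == "__main__":
    for name, (rfc, strict) in demo().items():
        print(f"{name:40} rfc={rfc.value:8} strict={strict.value}")
```

The second scenario is the one the thread is about: after SHA-1 signatures are distrusted, a validator following the RFC rule still answers for a SHA-1-only zone (as insecure), while the strict variant fails every lookup under it. The mixed zone shows why operators signing with a SHA-1 algorithm can keep resolution working by adding a second, supported algorithm before the old one is dropped, and the last scenario shows that the RFC rule does not weaken detection of a genuinely broken chain.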
