NSS should implement a function that allows an application to toggle the behavior with or without Nelson's patch.

void NSS_HashPrefsMD5InSigsSetDefault(PRBool enabled);

{{ A more general API can be done later (which could allow controlling the use of various hashes in various contexts). I believe such an API would require more thinking, and this additional thinking shouldn't delay us at this point. Something similar to the existing SSL_CipherPrefSetDefault(). Maybe a function

enum HashAndContext {
    hac_MD5_in_CertAndCRLSignatures,
    hac_MD5_everywhere,
    hac_SHA1_in_CertAndCRLSignatures,
    ...
};

void NSS_HashPrefSetDefault(enum HashAndContext, PRBool enabled);
}}

NSS should add this function in NSS 3.12.3.

PSM should add a preference, in both Firefox 3.0.x and Firefox 3.1.x (about:config only), which can be used to disable MD5 / activate the patch.

I propose to continue to have MD5 allowed for now, but this gives us the opportunity to change the default to disallowed at any time (with security updates), and allows security-conscious users to disable it right away.

I propose that a new error code be added to NSS, like SEC_ERROR_UNSAFE_ALGO (where the meaning of UNSAFE is based on runtime defaults).

Now let's say the runtime configuration is "forbid MD5" and the user gets an error page. Should the user be able to override the error, just like other errors? I think it should, but it would require much more logic to be added to both NSS and PSM. Similar to today's HandshakeCallback/AuthCertificateCallback functions, NSS would need to call back into PSM and ask whether an override is active... More APIs to define...
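The three pieces proposed in the comment above (a per-hash, per-context runtime toggle, an "unsafe algorithm" error code, and an application override callback consulted when that error fires) fit together as follows. This is an added, self-contained C model written for this page; it is not NSS or PSM code and not the commenter's. The enum names, the `hashpref_*` / `apply_psm_md5_pref` functions, the `psm_override_cb` hook and the numeric value of `MODEL_ERROR_UNSAFE_ALGO` are all assumptions standing in for the proposed NSS_HashPrefSetDefault, NSS_HashPrefsMD5InSigsSetDefault and SEC_ERROR_UNSAFE_ALGO.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/*
 * Illustrative model of the proposal: a per-(hash, context) runtime policy,
 * an "unsafe algorithm" error, and an application override hook.
 * All names and values here are assumptions; none of this is NSS or PSM code.
 */

enum hash_alg { HASH_MD5, HASH_SHA1, HASH_SHA256, HASH_COUNT };

/* "Everywhere" is a superset of the narrower contexts. */
enum hash_context { CTX_CERT_AND_CRL_SIGNATURES, CTX_EVERYWHERE, CTX_COUNT };

/* Stand-in for the proposed SEC_ERROR_UNSAFE_ALGO; the number is made up. */
#define MODEL_ERROR_UNSAFE_ALGO (-8001)
#define MODEL_SUCCESS 0

/* Runtime defaults, true = allowed. Shipping default per the comment: MD5 still on. */
static bool g_allowed[HASH_COUNT][CTX_COUNT] = {
    [HASH_MD5]    = { true, true },
    [HASH_SHA1]   = { true, true },
    [HASH_SHA256] = { true, true },
};

/* Model of the general NSS_HashPrefSetDefault(enum HashAndContext, PRBool). */
void hashpref_set_default(enum hash_alg alg, enum hash_context ctx, bool enabled)
{
    if (alg >= HASH_COUNT || ctx >= CTX_COUNT)
        return;
    g_allowed[alg][ctx] = enabled;
}

/* Model of the single-purpose NSS_HashPrefsMD5InSigsSetDefault(PRBool). */
void hashpref_md5_in_sigs_set_default(bool enabled)
{
    hashpref_set_default(HASH_MD5, CTX_CERT_AND_CRL_SIGNATURES, enabled);
}

/* How PSM would map an about:config preference onto the NSS toggle. */
void apply_psm_md5_pref(bool pref_disable_md5_signatures)
{
    hashpref_md5_in_sigs_set_default(!pref_disable_md5_signatures);
}

/*
 * Override hook in the spirit of HandshakeCallback/AuthCertificateCallback:
 * NSS hands the error to the application and asks whether an override is active.
 */
typedef bool (*override_cb)(int error, void *arg);

struct psm_override_state {
    bool user_added_exception;  /* the user clicked through the error page for this site */
    int  last_error;            /* what PSM would show on the error page */
};

static bool psm_override_cb(int error, void *arg)
{
    struct psm_override_state *st = arg;
    st->last_error = error;
    /* Only the "unsafe algo" error is overridable here, and only with an exception. */
    return error == MODEL_ERROR_UNSAFE_ALGO && st->user_added_exception;
}

/*
 * Check performed when a signature using `alg` is seen in context `ctx`.
 * Returns MODEL_SUCCESS, or MODEL_ERROR_UNSAFE_ALGO when the hash is forbidden by
 * runtime defaults and the application does not override. "Everywhere" being off
 * forbids the hash in every narrower context as well.
 */
int hashpref_check(enum hash_alg alg, enum hash_context ctx, override_cb cb, void *arg)
{
    if (alg >= HASH_COUNT || ctx >= CTX_COUNT)
        return MODEL_ERROR_UNSAFE_ALGO;
    if (g_allowed[alg][ctx] && g_allowed[alg][CTX_EVERYWHERE])
        return MODEL_SUCCESS;
    if (cb != NULL && cb(MODEL_ERROR_UNSAFE_ALGO, arg))
        return MODEL_SUCCESS;
    return MODEL_ERROR_UNSAFE_ALGO;
}

int main(void)
{
    struct psm_override_state st = { .user_added_exception = false, .last_error = 0 };

    /* Shipping default: an MD5-signed cert still verifies. */
    printf("default:  %d\n", hashpref_check(HASH_MD5, CTX_CERT_AND_CRL_SIGNATURES, psm_override_cb, &st));

    /* User flips the about:config pref: MD5 signatures now fail with the new error. */
    apply_psm_md5_pref(true);
    printf("pref set: %d\n", hashpref_check(HASH_MD5, CTX_CERT_AND_CRL_SIGNATURES, psm_override_cb, &st));

    /* User adds an exception on the error page: the override is honoured. */
    st.user_added_exception = true;
    printf("override: %d\n", hashpref_check(HASH_MD5, CTX_CERT_AND_CRL_SIGNATURES, psm_override_cb, &st));

    /* SHA-1 is untouched by the MD5 preference. */
    printf("sha1:     %d\n", hashpref_check(HASH_SHA1, CTX_CERT_AND_CRL_SIGNATURES, psm_override_cb, &st));
    return 0;
}
```

The check deliberately requires both the narrow-context flag and the "everywhere" flag, so a later `hac_MD5_everywhere` = disabled cannot be undone by the older single-purpose toggle; and the override callback only fires after the policy check fails, which keeps the policy decision inside the library and the user-facing exception logic in the application, as the comment's HandshakeCallback analogy suggests.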