nixos/nginx: re-enable ssl_session_tickets #350018
Conversation
github-actions
bot
added
6.topic: nixos
ofborg
bot
added
10.rebuild-darwin: 0
|
I’m a little nervous about the compromise to forward secrecy posed by session tickets, but if we’re tracking Mozilla’s recommendations here then it makes sense to match the update. I think we should not enable HSTS out of the box since it is the kind of policy decision that is hard to revert and can cause painful availability issues. An option for it might be nice though. |
Equally happy to update the comment to say that we're not following Mozilla's recommendations, I don't have a horse in that race :)
Cool. I'll probably make a separate PR adding the option. (edit: #350302) |
Mozilla's [recommendations][1] no longer include this item. Per [mozilla/server-side-tls#135][2] and [mozilla/ssl-config-generator#252][3], it sounds like versions of nginx prior to 1.23.2 (released 2022-10-19) didn't make it easy to properly rotate the ticket encryption keys, but since that version it's now done automatically. Since nixos-24.05 is already on nginx-1.26.2, it seems safe to remove this option. [1]: https://ssl-config.mozilla.org/#server=nginx&config=intermediate [2]: mozilla/server-side-tls#135 [3]: mozilla/ssl-config-generator#252
bmillwood
force-pushed
the
update-recommended-tls-settings
branch
from
283ce1d
to
db13dd0
Compare
|
@emilazy do you want to choose something to happen here? |
|
Feel free to feed any concerns back to us @mozilla/ssl-config-generator via issues or discussions — chances are if it's not good enough for you, it probably won't be for others, too;)
Their changelog makes it sound it's safe now, but from the mailinglist changeset it looked more like just a better GC at first glance — but I will look more deeply into what's the actual change: it's the OCT '22 commits here: https://github.com/nginx/nginx/commits/release-1.23.2/ if you want to inspect yourselves if that's reasonably safe for PFS.
It's been around for years, but for these exact concerns downstream the HSTS is only behind a preference to help emit the correct headers and time spans, but also make it easy to consume configs without these. |
Mozilla's recommendations no longer include this item. Per mozilla/server-side-tls#135 and
mozilla/ssl-config-generator#252, it sounds like versions of nginx prior to 1.23.2 (released 2022-10-19) didn't make it easy to properly rotate the ticket encryption keys, but since that version it's now done automatically. Since nixos-24.05 is already on nginx-1.26.2, it seems safe to remove this option.
I came across this while looking to see what was included in
recommendedTlsSettingsand noticing that it had fallen out of sync with its own source. I don't personally feel strongly thatssl_session_ticketsis important to set one way or the other, this just seems like housekeeping to me. I believe it has performance implications (reducing the amount of memory nginx needs?) but the docs are not very helpful.One other notable difference between the Mozilla settings and ours is Mozilla enables HSTS. I don't know if this is not included because it's new or if it's omitted intentionally, but I decided not to include it here because it seems like it could be a more significant / impactful / client-facing change. Let me know if we want it and I might do a followup PR, perhaps adding it as an option.
Things done
nixos-24.05and then built that, but I imagine that's sufficient?nix.conf? (See Nix manual)sandbox = relaxedsandbox = true(because it's the default on Linux and I haven't overridden it)nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage./result/bin/)Add a 👍 reaction to pull requests you find important.