OSPRH-28892: Harden Apache SSL config for PQC compliance#594
Conversation
SSLCipherSuite: Remove MEDIUM-strength ciphers and add !kRSA to block quantum-vulnerable RSA key exchange suites that lack forward secrecy. SSLProtocol: Switch from blacklist (all -old) to whitelist (-all +new) style, explicitly allowing only TLS 1.3 and TLS 1.2. This removes implicit TLS 1.1 support that remained under the old configuration. These changes address the Harvest Now, Decrypt Later (HNDL) threat model by ensuring Apache cannot negotiate quantum-vulnerable cipher suites or legacy protocol versions. Related: OSPRH-28891 Closes: OSPRH-28892 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> Signed-off-by: Owen McGonagle <omcgonag@redhat.com>
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: mcgonago The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
@mcgonago: This pull request references OSPRH-28892 which is a valid jira issue. Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "5.0.0" version, but no target version was set. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
PR needs rebase. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
Related to ssl.conf centralized to lib-common (OSPRH-30239). PQC TLS defaults will most likely follow a change in lib-common PR-697. See OSPRH-28889 for details. |
Summary
!kRSAto SSLCipherSuite to block quantum-vulnerable RSA key exchange suites and removeMEDIUM-strength ciphersall -SSLv2 -SSLv3 -TLSv1) to whitelist (-all +TLSv1.3 +TLSv1.2), removing implicit TLS 1.1 supportThese changes harden the Horizon Apache reverse proxy against the Harvest Now, Decrypt Later (HNDL) threat model by preventing negotiation of quantum-vulnerable cipher suites and legacy protocol versions.
Jira
Changes
templates/horizon/config/ssl.confHIGH:MEDIUM:!aNULL:!MD5:!RC4:!3DESHIGH:!aNULL:!MD5:!RC4:!3DES:!kRSAall -SSLv2 -SSLv3 -TLSv1-all +TLSv1.3 +TLSv1.2Why these changes
Test plan
go build ./...passesmake testpasses (36/36 functional specs, 75.4% coverage)openssl s_client -connect <route>:443 -tls1_3openssl s_client -connect <route>:443 -cipher "AES256-SHA"(expect handshake failure)Co-Authored-By: Claude Opus 4.6 noreply@anthropic.com