WL#14519: Deprecate the use of TLS v1.0 and v1.1
Affects: Server-8.0 — Status: Complete
https://tools.ietf.org/id/draft-ietf-tls-oldversions-deprecate-02.html Transport Layer Security (TLS) versions 1.0 [RFC2246] and 1.1 [RFC4346] were superceded by TLSv1.2 [RFC5246] in 2008, which has now itself been superceded by TLSv1.3 [RFC8446]. It is therefore timely to further deprecate these old versions. The expectation is that TLSv1.2 will continue to be used for many years alongside TLSv1.3. TLSv1.1 and TLSv1.0 are also actively being deprecated in accordance with guidance from government agencies (e.g. NIST SP 80052r2) and industry consortia such as the Payment Card Industry Association (PCI) [PCI-TLS1]. 3GPP have deprecated TLSv1.0 and DTLSv1.0 since their release-14 in 2016. [TGPP33310] The primary technical reasons for deprecating these versions include: They require implementation of older cipher suites that are no longer desirable for cryptographic reasons, e.g. TLSv1.0 makes TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA mandatory to implement Lack of support for current recommended cipher suites, especially using AEAD ciphers which are not supported prior to TLSv1.2. Note: registry entries for no- longer-desirable ciphersuites remain in the registries, but many TLS registries are being updated through [RFC8447] which denotes such entries as "not recommended." Integrity of the handshake depends on SHA-1 hash Authentication of the peers depends on SHA-1 signatures Support for four protocol versions increases the likelihood of misconfiguration At least one widely-used library has plans to drop TLSv1.1 and TLSv1.0 support in upcoming releases; products using such libraries would need to use older versions of the libraries to support TLSv1.0 and TLSv1.1, which is clearly undesirable Deprecation of these versions is intended to assist developers as additional justification to no longer support older TLS versions and to migrate to a minimum of TLSv1.2. Deprecation also assists product teams with phasing out support for the older versions to reduce the attack surface and the scope of maintenance for protocols in their offerings.
FR1: If TLSv1.0 or TLSv1.1 are specified as a part of tls-version or admin-tls- version command line option, a deprecation warning one for each deprecated version) will be printed into the server's error log. FR2: If TLSv1.0 or TLSv1.1 are specified as a part of setting a global value for the tls-version or admin-tls-version system variable from an SQL connection, a deprecation warning one for each deprecated version) will be added to the result of executing the ALTER INSTANCE RELOAD TLS tls command. FR2.1.: In this case no error log warning will be thrown FR2: If a successful connection uses TLSv1.0 or TLSv1.1, a warning should be logged in the server error log with details of current user and connected user. FR3: Setting the values for the replication client will throw no warning since it's a client to another mysql server that will have the warning. FR4: No client --tls-version version setting will cause any warnings in the client app.
Copyright (c) 2000, 2021, Oracle Corporation and/or its affiliates. All rights reserved.