-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 I would also like to note that gnupg.org does not appear to work on the latest versions of Apple iOS or macOS Safari due to TLS cert issues. It fails to load in Safari on either platform (but Chrome and Firefox do work on macOS, Safari is the only browser on iOS).
I believe this may be due to Apple's App Transport Security (ATS) rules. You can find an overview of those rules and a link to more details here: http://stackoverflow.com/questions/31231696/ios-9-ats-ssl-error-with-sup porting-server It seems that iOS/macOS cannot negotiate a strong connection with TLS 1.2 and one of the allowed cipher suites using forward secrecy when talking to gnupg.org. The accepted TLS 1.2 ciphers for Apple ATS are: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA And gnupg.org only provides: TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x33) DH 2048 bits FS 128 TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x39) DH 2048 bits FS 256 TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xa) 112 As you can see, there appears to be no overlap with the suites that ATS expects for a strong connection and those that gnupg.org offers. For comparison sake, here are the cipher suites that cloudflare advertises with its CDN services: Preferred TLSv1.2 128 bits ECDHE-ECDSA-AES128-GCM-SHA256 Curve P-256 DHE 256 Accepted TLSv1.2 128 bits ECDHE-ECDSA-AES128-SHA256 Curve P-256 DHE 256 Accepted TLSv1.2 128 bits ECDHE-ECDSA-AES128-SHA Curve P-256 DHE 256 Accepted TLSv1.2 256 bits ECDHE-ECDSA-AES256-GCM-SHA384 Curve P-256 DHE 256 Accepted TLSv1.2 256 bits ECDHE-ECDSA-AES256-SHA384 Curve P-256 DHE 256 Accepted TLSv1.2 256 bits ECDHE-ECDSA-AES256-SHA Curve P-256 DHE 256 Here is the full list of TLS suites that I used to compare: https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls - -parameters-4 SSLlabs tests for gnupg.org seem to show that it cannot negotiate a connection with forward security with gnupg.org which is a requirement for ATS. https://www.ssllabs.com/ssltest/analyze.html?d=gnupg.org&s=217.69.76.60 Every load of gnupg.org in Safari results in a total failure to load anything. Running one of the suggested diagnostics shows the following error: ********************* $ nscurl --ats-diagnostics https://gnupg.org Starting ATS Diagnostics ... Default ATS Secure Connection - --- ATS Default Connection 2017-01-25 16:13:17.674 nscurl[38742:199753] NSURLSession/NSURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9824) Result : FAIL - --- ********************* The error is also showing in the system console application with an entry such as: NSURLSession/NSURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9824) While I am not certain it would fix it, it seems that gnupg.org might be able to fix by changing its config to advertise a more extensive set of TLS 1.2 suites that support forward secrecy and that match the supported list provided by Apple over TLS 1.2 connections. I am happy to test this again after such a change. For now, if my testing on my own devices is representative you may be shutting out all iOS users and Safari on macOS users as well from being able to load your site at all. If others don't see that same behavior I would be interested to hear that too. Cheers, Glenn On 1/25/17 4:16 PM, Andrew Gallagher wrote: > On 2017/01/25 21:07, sivmu wrote: >> Anyways ssllabs shows a warning that the website will be degraded >> from A to C in a month. Not sure that matters all that much, but >> if there is an oppertunity to change the available ciphers at >> some point... > > I've looked into this and I'm not sure why ssllabs is degrading > from A- to C. There is a link to the blog post in the results page, > but the post appears to say that the grade will *not* be reduced. I > quote: > >> we’ll be modifying our grading criteria to penalise sites that >> negotiate 3DES with TLS 1.1 and newer protocols. Such sites will >> have their scores capped at C. Sites that continue to support >> 3DES and keep it at the end of their ordered list of suites will >> not be affected (for now). > > gnupg.org *does* keep 3DES at the end of the supported suites, so > surely it should not be affected. I'm tempted to write this off as > a mistake by ssllabs. > > A > > > > _______________________________________________ Gnupg-users mailing > list Gnupg-users@gnupg.org > http://lists.gnupg.org/mailman/listinfo/gnupg-users > -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEHYo11lajUTmaOI4vCiVDbdRDnGwFAliJTesACgkQCiVDbdRD nGyKog//YCy1Vb9qSSB8EeVdRTddIXcFiqjeMbIDzq2oodaMdn1da/RQKR5g1nE6 DbAcyZVIZjKnnW8Uso3bCOt03KTLoK71RJo8pu54pCB2P6WlecgnZ/KwEqXMbqnO KORSdGj4D0eU8NcUrfx5DFkr8j7odv6duiJ/ajLP+iOTUYDDL4VxkBn9aVAAWC1W 1JP/Yn9Rn5JfZxGdf3U8vzu6OSGWS8alAZRVHJRuyPceqzKCnQl4CrfYz/9n6h8S X2X3NYH1JonevkQPjzvfpI1oehZB9kKhXXK2ACg4Xtrz6UcgP621TSc5xngqDj/r yLMJNdoTuNA9HYAxV2P0b7SufhAUKlaivugvWf0pWrKwbLJS/N3dkgcVl3H7KTs4 uvCNJoObkv0YQIkIvzg99vsJW5+oO8k2E38YyWQUJ81pQWAV+hk71Gb3oiu78dpc 2klSmBXFc9JYjoYf5XrCimZqvfmcpnU5OfCzUqVFYINE7TVmfMqrqZTGdyQ+YOFU QgU7X2GoHTVjKjkgZLjF/8xZstGSd+tXPmNH6TSClxSTwn+STSQUmQow+WIbAbU9 RO8BmLmodkxC2+lUDnvnI9uzGIiJAJfg2fDXjEw5Gx0UBPvsmRqoHHXqOOAQrqCJ y8g/+HHoX65knjdVUYmWWVoY43ysoxiPZIyuug1UD/c16uu2tH0= =uOgq -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
