[Development] QSsl: finer-grained protocol selection

[Thiago Macieira]

On Friday 26 December 2014 16:55:34 Mikkel Krautz wrote:
> We definitely wouldn't keep supporting TLS 1.0 in that case.
> 
> But we would like to still be able to accept connections where the
> handshake ends up using TLS 1.0. Then we can handle the rejection at
> the application protocol level, and show an appropriate message to the
> user and potentially disconnect them immediately. This would be
> handled through an update to the server software. Clients could be
> updated with a similar mechanism, too.
> 
> If we do it this way, it allows us to display an appropriate message,
> via the server, even for clients that are not TLS 1.1 or TLS
> 1.2-aware. (Which is pretty much the whole user base.)
> 
> However, if there really is no interest in allowing a finer-grained
> protocol selection in Qt itself, I suppose we could live with using
> QSsl::SecureProtocols. That'll at least allow us to add a generic
> error if a modern client attempts to connect to a server that only
> allows TLS 1.0. But older clients would, unfortunately, be stuck with
> a generic handshake error.
> 
> But in my opinion, that would not be ideal for our users.

I don't think we need fine-grained detection, but we do need something better 
than what we have right now.

My suggestion is to set a level. For example, if you set to TlsV10, then you 
get TLS v1.0 and anything newer, existing today or not, and disable anything 
older. The client will negotiate the highest version at connection time. The 
only reason to disable newer versions is when the server is buggy, but the 
application should not have to care about that. That's OpenSSL's job.

That means old clients will use newer and more secure protocol versions as 
soon as OpenSSL and Qt are upgraded, with no change to the application.
-- 
Thiago Macieira - thiago.macieira (AT) intel.com
  Software Architect - Intel Open Source Technology Center