wiki:Plan/Security

We have some security-related code in Twisted. I think all of the core developers basically have some great ideas for making things secure (we generally know our way around crypto abstractions, if not crypto math; we are aware of common issues; we know about tools like capability-based design for cooperation without trust), but our implementation doesn't live up to that fact. For example, twisted.internet.ssl is still woefully incomplete, and twisted.cred lacks features (like the ability to identify useful attributes of other users, or to create and modify accounts). Most of all, we need docs for how to use these things effectively to produce secure software that uses Twisted.

We should come up with some plans to really finish, polish, and document some of these systems.

TLS

Short term

  • #6663: We need to make the cipher suites configurable.
  • #6801: OP_NO_COMPRESSION needs to be set to mitigate CRIME, and OP_CIPHER_SERVER_PREFERENCE to make the server's cipher order take precedence over the client's.
  • #6799: We need to support DHE to offer PFS.
  • #4888: twisted.web.client.Agent, our new web client API, has to learn hostname verification for HTTPS URIs.
  • #5446/#6334: For that we need access to a reliable trust store.
  • #6924: Expose dhParameters to string endpoints
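
The short-term items above, sketched with Python's standard-library ssl module as an added example (this is not Twisted's API or code from the Twisted project; the function names and the cipher string are assumptions). It builds server and client contexts with the listed settings and audits a context for the problems the tickets address.

```python
import ssl

# Forward-secret TLS 1.2 suites only; TLS 1.3 suites (always ephemeral) are
# managed separately by OpenSSL and stay enabled.
PFS_CIPHERS = "ECDHE+AESGCM:ECDHE+CHACHA20:DHE+AESGCM:!aNULL"


def hardened_server_context(certfile=None, keyfile=None, dhfile=None):
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.options |= ssl.OP_NO_COMPRESSION            # CRIME (#6801)
    ctx.options |= ssl.OP_CIPHER_SERVER_PREFERENCE  # server order wins (#6801)
    ctx.set_ciphers(PFS_CIPHERS)                    # configurable suites (#6663)
    if dhfile:
        ctx.load_dh_params(dhfile)                  # DHE needs parameters (#6799)
    if certfile:
        ctx.load_cert_chain(certfile, keyfile)
    return ctx


def hardened_client_context():
    # Loads the platform trust store (#5446/#6334) and turns on certificate
    # and hostname verification (#4888).
    return ssl.create_default_context(ssl.Purpose.SERVER_AUTH)


def audit(ctx, server):
    """Return a list of findings; an empty list means the checks passed."""
    findings = []
    if not ctx.options & ssl.OP_NO_COMPRESSION:
        findings.append("TLS compression enabled")
    if server:
        if not ctx.options & ssl.OP_CIPHER_SERVER_PREFERENCE:
            findings.append("client cipher order honoured")
        for c in ctx.get_ciphers():
            if not c["name"].startswith(("TLS_", "ECDHE-", "DHE-")):
                findings.append("no forward secrecy: " + c["name"])
    else:
        if ctx.verify_mode != ssl.CERT_REQUIRED:
            findings.append("certificate not verified")
        if not ctx.check_hostname:
            findings.append("hostname not verified")
    return findings


def weak_server_context():
    # Constructed counter-example: the settings the tickets aim to rule out.
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.options &= ~(ssl.OP_NO_COMPRESSION | ssl.OP_CIPHER_SERVER_PREFERENCE)
    ctx.set_ciphers("AES128-GCM-SHA256")  # static RSA key exchange
    return ctx
```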

Mid Term

  • #6586: Add ECDH; we need to add it too (e.g. Windows does no DHE), and make it pretty as soon as PyOpenSSL learns about ECDH (#7033).
  • #4887: Add SNI (not security-relevant, but it belongs in a complete TLS framework).
  • #6802: Add OCSP stapling support

Long Term

Last modified on 03/14/2014 10:26:25 AM