When connecting to an Apache webserver that's running Gentoo using Firefox 3, the Camellia-256 cipher is chosen by default. While there's no immediate reason to suspect Camellia, it is pretty much the only newcomer in the TLS world. Given that the strength of symmetric cryptographic algorithms is usually evaluated through peer review and cryptanalysis, it's a good idea to be conservative and prefer older, more reviewed ciphers. This happens for two reasons: 1) Regardless of the operating system, when Firefox 3 establishes a TLSv1 connection, it always sends the Camellia cipher suites first, as "preferred". 2) Gentoo always configures openssl with --enable-camellia (this is not user-configurable), so mod_ssl prefers the first supported cipher suite sent by the client. Reproducible: Always Steps to Reproduce: 1. Open Firefox 3 (on any OS) and go to a Gentoo HTTPS server, such as https://bugs.gentoo.org/ 2. Click on the icon in the address bar and click "More Information" Actual Results: "Technical Details" reports: "Connection Encrypted: High-grade Encryption (Camellia-256 256 bit)" dev-libs/openssl-0.9.8g-r2 www-servers/apache-2.2.9-r1 Portage 2.1.4.4 (default-linux/x86/2007.0, gcc-4.1.2, glibc-2.6.1-r0, 2.6.11-gentoo-r9-d-4 i686) ================================================================= System uname: 2.6.11-gentoo-r9-d-4 i686 Intel(R) Pentium(R) 4 CPU 2.40GHz Timestamp of tree: Mon, 22 Sep 2008 11:45:01 +0000 distcc 2.18.3 i686-pc-linux-gnu (protocols 1 and 2) (default port 3632) [disabled] app-shells/bash: 3.2_p33 dev-lang/python: 2.3.6-r2, 2.4.4-r4, 2.5.2-r8 dev-python/pycrypto: 2.0.1-r6 dev-util/confcache: 0.4.2 sys-apps/baselayout: 1.12.11.1 sys-apps/sandbox: 1.2.18.1-r2 sys-devel/autoconf: 2.13, 2.61-r2 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10.1-r1 sys-devel/binutils: 2.18-r3 sys-devel/gcc-config: 1.4.0-r4 sys-devel/libtool: 1.4.3-r4, 1.5.26 virtual/os-headers: 2.6.23-r3 ACCEPT_KEYWORDS="x86" CBUILD="i686-pc-linux-gnu" CFLAGS="-pipe -O2 -fstack-protector -march=pentium4 -mtune=pentium4" CHOST="i686-pc-linux-gnu" CONFIG_PROTECT="/etc /var/bind /var/qmail/alias /var/qmail/control" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/terminfo /etc/udev/rules.d" CXXFLAGS="-pipe -O2 -fstack-protector -march=pentium4 -mtune=pentium4" DISTDIR="/usr/portage/distfiles" FEATURES="distlocks metadata-transfer parallel-fetch sandbox sfperms strict unmerge-orphans userfetch userpriv usersandbox" GENTOO_MIRRORS="http://a2/gentoo/ ftp://ftp.ipv6.linux.ee/pub/gentoo/distfiles/ http://ftp.linux.ee/pub/gentoo/distfiles/" LANG="en_US" MAKEOPTS="-j2" PKGDIR="/usr/portage/packages" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage" SYNC="rsync://pig/gentoo-portage" USE="acl apache2 berkdb bzip2 caps cgi cli cracklib d dri gdbm iconv ipv6 isdnlog jpeg logrotate midi mmx mudflap ncurses nptl openmp pam pcre png pppd python readline reflection session spl sqlite ssl tcl threads truetype unicode x86 xattr xml xml2 xorg zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1 emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="access auth auth_dbm auth_anon auth_digest alias file-cache echo charset-lite cache disk-cache mem-cache ext-filter case_filter case-filter-in mime-magic cern-meta expires headers usertrack unique-id proxy proxy_connect proxy_ftp proxy_http info include cgi cgid dav dav-fs vhost-alias speling rewrite log_config logio env setenvif mime status autoindex asis negotiation dir imap actions userdir so authz_host authz_user authz_groupfile authz_default authn_file authn_default" ELIBC="glibc" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" USERLAND="GNU" VIDEO_CARDS="apm ark chips cirrus cyrix dummy fbdev glint i128 i740 i810 imstt mach64 mga neomagic nsc nv r128 radeon rendition s3 s3virge savage siliconmotion sis sisusb tdfx tga trident tseng v4l vesa vga via vmware voodoo" Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LC_ALL, LDFLAGS, LINGUAS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
*** Bug 238603 has been marked as a duplicate of this bug. ***
Thanks for uttering your concerns with us. However, I'm reassigning your bug to the Mozilla herd. There is no obvious security impact (yet), and we won't be reviewing the protocol ourselves. Limiting ciphers is something that (as you pointed out) is done in a client, so disabling it in Apache would be counter-productive for systems that do not support other ciphers than Camellia. Your concerns are probably better addressed upstream, but I'll let our Mozilla maintainers decide on that.
Not a firefox bug(not gentoo's firefox, that is, as he says in any os it occurs the same).
why is this assigned to base-system ? it does not manage any web package such as browsers or servers ...
uhm? maybe report this upstream, or just remove the cipher from your config?
