OWASP / ASVS

Application Security Verification Standard

V6 Cryptography - requirement for Encrypted Client Hello (ECH) #2358

Open danielcuthbert opened 5 days ago

danielcuthbert commented 5 days ago

Encrypted Client Hello (ECH) pertains to TLS; its goal is to protect metadata by encrypting client-sent data, like the Server Name Indication (SNI), that might otherwise leak potentially sensitive information.

V6.8 In-Use Data Cryptography broadly addresses data protection during use and during transmission; this would be a suitable section to add a requirement for ECH.

More on ECH can be found on the amazing Cloudflare blog: https://blog.cloudflare.com/announcing-encrypted-client-hello/

As such, it's a huge privacy tool and I am proposing we add it to V6.

| # | Description | L1 | L2 | L3 | CWE |
| :---: | :--- | :---: | :---: | :---: | :---: |
| 6.8.3 | [ADDED] Verify that Encrypted Client Hello (ECH) is supported and properly configured within the application's TLS settings to prevent exposure of sensitive metadata, such as the Server Name Indication (SNI), during TLS handshake processes. | | ✓ | ✓ | |

tghosth commented 5 days ago

Does it fit better into V9 with other TLS stuff?

tghosth commented 5 days ago

@danielcuthbert ?

danielcuthbert commented 5 days ago

You know, I did ponder this and I'm torn. Yes and no. But then, should TLS be in crypto? It could fit in 9.1 nicely, but that is looking a bit bare too.

jmanico commented 4 days ago

This seems way too detailed. There are hundreds of crypto requirements we could aim for. Where do we stop? Why is this critical?

And ❤️ you all, asking nicely.

randomstuff commented 4 days ago

ECH is really great/important for privacy, but I am wondering whether it is really ready for prime time, as it is not yet at RFC status, and whether we should require it for now or if this should just be a recommendation.

jmanico commented 4 days ago

I politely suggest we push it to ASVS post 5.0 release.

danielcuthbert commented 4 days ago

@randomstuff, one can argue that when Cloudflare has deployed it, for me that's massive-scale prime time, right? You couldn't get a bigger platform to iron out the bugs.

elarlang commented 4 days ago

I'm not technically competent to comment on the topic, but...

ECH is really great/important for privacy, but I am wondering whether it is really ready for prime time, as it is not yet at RFC status, and whether we should require it for now or if this should just be a recommendation.

For OAuth/OIDC we use unreleased drafts, and we aligned many requirements with unreleased NIST drafts, so it is more a question of whether it makes sense as a security requirement: one that is general enough, has impact, and is not too niche.

danielcuthbert commented 3 days ago

All valid questions @elarlang, I'll report back with outcomes. @jmanico, what other cryptography elements do you feel 5.0 is missing?

tghosth commented 3 days ago

(I am going to mark the PR as draft and wait to see what else @danielcuthbert finds, and also the result of the discussion between @jmanico and @danielcuthbert.)

jmanico commented 2 days ago

All valid questions @elarlang, I'll report back with outcomes. @jmanico, what other cryptography elements do you feel 5.0 is missing?

I added separate issues for a few things in v6!

tghosth commented 2 days ago

All valid questions @elarlang, I'll report back with outcomes. @jmanico, what other cryptography elements do you feel 5.0 is missing?

I added separate issues for a few things in v6!

Where did you add those, @jmanico?