Editor Note:
In December 2021, Zscaler rolled out full inspection of TLS 1.3 across all clouds. This was done transparently to all users and was enabled by default. We are talking 10 of millions of users and a cloud moving 2+ tbps with zero support tickets opened. That’s just how they do it over there; inspect all traffic, stop the bad guys, and look good doing it.
TLS 1.3 was finalized in April of 2018 with the promises of privacy, security, and performance and unlike its predecessors, adoption of this protocol might be coming in sooner than you think. In a post on reddit, PAN indicates that Google Chrome will be implementing a strict TLS 1.3 in January of 2019:
…using web browsers that implement strict TLS 1.3 compliance. We have been informed that Google Chrome is planning to implement strict TLS 1.3 compliance in their upcoming version 72. The stable build of Google Chrome version 72 may be available in January 2019…
I have poked around looking for actual documentation from google, specifically around the wording “strict TLS 1.3 compliance” on the interwebs and haven’t found anything. Why? There is a key difference between supporting TLS 1.3 and going strict TLS 1.3. The former means the client can still negotiate the connection and most likely if the client doesn’t support TLS 1.3, the connection will be downgraded to TLS 1.2. The latter indicates that Chrome and Google based applications, such as gmail, will only work over TLS 1.3. The closest documentation that I was able to find that supports PANs claim was on The Chromium Project. The article makes no mention of strict TLS 1.3 or timelines but does mention this:
Gmail fails to load with ERR_SSL_VERSION_INTERFERENCE or ERR_TLS13_DOWNGRADE_DETECTED.
Certainly seems like strict TLS 1.3 to me.
In either case, what does that mean to you? Just like your facebook relationship status, it’s complicated. If you are a Cisco or Palo Alto Networks customer, it appears that you need to upgrade:
Cisco “Firepower” DevicesWhen operating in “Decrypt – Resign mode/SSL Decryption Enabled”, issues with these devices will cause TLS 1.3 connections to break. Cisco have released a fix in their 6.2.3.4 release. (Released 09/28/18)
Palo Alto Networks Firewall Devices
If you run a prior version of PAN-OS, plan to upgrade to one of the following releases:
• PAN-OS 8.0.14 (targeted to be available on Nov 15, 2018*)
• PAN-OS 7.1.21 (targeted to be available on Nov 1, 2018)Impact Without upgrading to one of the above maintenance releases, users may no longer be able access Gmail and other websites and applications that utilize TLS 1.3 when SSL forward proxy decryption is in use. As a result, your users will receive the following web browser error: ‘ERR_TLS13_DOWNGRADE_DETECTED’.
* As of Nov 17th, 2018, PAN-OS 8.0.14 has not been released. You’d think a security company would have seen this coming since TLS 1.3 became a standard in April 2018. Or maybe they really aren’t a security company?
Raise your hand if you love running bleeding edge code and have zero issues in the past!
If you are an early adopter and actually like running bleeding edge code, you obviously haven’t been kicked in the balls post upgrade…yet.
Turning the page to Checkpoint. Their support portal has nothing regarding TLS 1.3 support. In the communities section, I did find a post about it on 07/19/18:
This is something that is on our radar for sure.
As to the specifics, it’s probably too soon to say.
If you are a Checkpoint customer, I would strongly encourage you to open a case with support and determine where they are currently at with it.
As for the Fortinet shops, things aren’t looking too good for you right now. On 09/28/18, there is a post regarding support for TLS 1.3:
There is no official support for TLS1.3 yet, it is still under the internal test. So far the deep-inspection works well with both chrome69** and firefox62 and most popular servers with TLS1.3 enabled. It will support all the 5 ciphers defined in RFC8446 as well as for 1-rtt, 0-rtt and 2-rtt (HelloRetryRequest). Unlike TLS1.2 to TLS1.1, TLS1.3 is really a big change. It takes more time to provide full features and stabilities.
**Uh what about Chrome72?
Just like discounted meat at the butcher, there is a reason why Fortinet is so cheap. If you find yourself in this predicament, you had better open a support case and find out where they are at with FortiOS and TLS 1.3 support.
But what if you are a Zscaler customer? Don’t worry, it’s not your problem. That’s the benefit of relying on a cloud security stack.
TLS 1.3 has been on their radar ever since it was in draft. By the time TLS 1.3 became an actual standard, support for it was rolled out cloud wide. Unlike legacy appliances, Zscaler supports strict TLS 1.3 connections without you having to patch anything. For connections that are not strict TLS 1.3, Zscaler will be able to negotiate it down to TLS 1.2 and allow TLS inspection (MITM) to occur. What does all that mean? You don’t have to sacrifice security in the name of functionality. That’s just how they do it at Zscaler, stop the bad guys and look good doing it.
Cloud is the future. The legacy vendors like Palo Alto, Cisco, Fortinet, etc are like the Samsung Galaxy Note, it briefly caught fire a few years back but hasn’t worked since. If you haven’t looked into network transformation, maybe you can give it a read while you are up all night upgrading your firewalls.
Regards,
BD