IBM Support

IBM i 7.3 System TLS support for Transport Layer Security version 1.3 (TLSv1.3)

News


Abstract

IBM i System TLS has been enhanced in IBM i 7.3 to support the latest industry standard of Transport Layer Security version 1.3 (TLSv1.3) protocol. IBM i System TLS has also been enhanced to support additional TLSv1.2 protocol features.

Content


The enhancements can be obtained by applying the following:
  • SF99867: 730 TCP/IP PTF Group Level: 5
  • SF99722: 730 IBM HTTP Server for i PTF Group Level: 24
    For GUI System Value QSSLPCL and QSSLCSL support, not for HTTP Server use of TLS 1.3
  • SF99725: 730 Java PTF Group Level: 17
    Plus these 4 Java PTFs:
    SI72654 and SI72653 - JVA-RUN JDK 80-64 Native JSSE TLSv1.3
    SI72652 and SI72651 - JVA-RUN JDK 70-64 Native JSSE TLSv1.2 ChaCha20Poly1305

IBM i System TLS has been enhanced to support the latest industry standard of Transport Layer Security version 1.3 (TLSv1.3) protocol. TLSv1.3 is enabled and used by default for partitions with system value QSSLPCL set to *OPSYS. If QSSLPCL is not *OPSYS, the administrator must add *TLSV1.3 to the list to enable it. If QSSLCSLCTL is *OPSYS and TLSv1.3 is enabled in QSSLPCL, the TLSv1.3 cipher suites are enabled and used by default. If QSSLCSLCTL is set to *USRDFN, the administrator must add one or more TLSv1.3 cipher suites to the QSSLCSL list in order for TLSv1.3 to be used. Applications designed to use the System TLS default protocols will immediately support TLSv1.3 if the system value settings allow TLSv1.3. Other applications require configuration or code changes to enable TLSv1.3.

Refer to Transport Layer Security in the IBM i Knowledge Center for additional details.

Highlights:

ChaCha20 Poly1305 cipher suites
System TLS now includes support for the *CHACHA20_POLY1305_SHA256 cipher suite. TLSv1.3 always uses ECDHE for key exchange and negotiates the certificate type independent of the cipher suite. As a result, the ECDHE, ECDSA, and RSA keywords were removed from the TLSv1.3 cipher suite names. TLSv1.2 still requires those keywords. Two new cipher suites, *ECDHE_ECDSA_CHACHA20_POLY1305_SHA256 and *ECDHE_RSA_CHACHA20_POLY1305_SHA256, were added to provide ChaCha20Poly1305 support for the TLSv1.2 protocol.
 
When system value QSSLCSLCTL is set to *OPSYS, the new cipher suites are included in the QSSLCSL system value.  The new ordered list of *OPSYS cipher suites:
*AES_128_GCM_SHA256                                 
*AES_256_GCM_SHA384                                 
*CHACHA20_POLY1305_SHA256                 
*ECDHE_ECDSA_AES_128_GCM_SHA256
*ECDHE_ECDSA_AES_256_GCM_SHA384
*ECDHE_RSA_AES_128_GCM_SHA256
*ECDHE_RSA_AES_256_GCM_SHA384
*ECDHE_ECDSA_CHACHA20_POLY1305_SHA256 
*ECDHE_RSA_CHACHA20_POLY1305_SHA256
*RSA_AES_128_GCM_SHA256
*RSA_AES_256_GCM_SHA384
*ECDHE_ECDSA_AES_128_CBC_SHA256
*ECDHE_ECDSA_AES_256_CBC_SHA384
*ECDHE_RSA_AES_128_CBC_SHA256
*ECDHE_RSA_AES_256_CBC_SHA384
*RSA_AES_128_CBC_SHA256
*RSA_AES_128_CBC_SHA
*RSA_AES_256_CBC_SHA256
*RSA_AES_256_CBC_SHA
*ECDHE_ECDSA_3DES_EDE_CBC_SHA
*ECDHE_RSA_3DES_EDE_CBC_SHA
*RSA_3DES_EDE_CBC_SHA
If QSSLCSLCTL is set to *USRDFN, then the new cipher suites must be manually added or removed from QSSLCSL.
 
Refer to Cipher suite configuration in the IBM i Knowledge Center for additional details.
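
The QSSLPCL, QSSLCSLCTL and QSSLCSL rules described above reduce to a small decision procedure, which matters most for partitions whose user-defined lists predate these PTFs. The following Python check is an added example, not IBM code; the function name tls13_status and the sample settings are assumptions made for illustration, and the TLSv1.3 suite names are the three from the *OPSYS list above.

```python
"""Added example: checks whether IBM i system values leave TLSv1.3 usable."""

# TLSv1.3 cipher suite names taken from the *OPSYS list on this page,
# kept in the page's order.
TLS13_SUITES = (
    "*AES_128_GCM_SHA256",
    "*AES_256_GCM_SHA384",
    "*CHACHA20_POLY1305_SHA256",
)


def tls13_status(qsslpcl, qsslcslctl, qsslcsl):
    """Return (usable, tls13_suites, reason) for the three system values.

    Covers the system-level rules only; an application that overrides the
    System TLS defaults still needs its own configuration or code change.
    """
    protocols = [p.strip().upper() for p in qsslpcl]
    if "*OPSYS" not in protocols and "*TLSV1.3" not in protocols:
        return False, [], "QSSLPCL is a user list without *TLSV1.3"

    if qsslcslctl.strip().upper() == "*OPSYS":
        return True, list(TLS13_SUITES), "system-controlled cipher list"

    # *USRDFN: only TLSv1.3 suites the administrator listed can be used.
    listed = [s.strip().upper() for s in qsslcsl]
    suites = [s for s in listed if s in TLS13_SUITES]
    if not suites:
        return False, [], "QSSLCSLCTL is *USRDFN and QSSLCSL has no TLSv1.3 suite"
    return True, suites, "user-defined cipher list includes TLSv1.3 suites"


if __name__ == "__main__":
    # Constructed sample settings, not output captured from a real partition.
    samples = {
        "defaults": (["*OPSYS"], "*OPSYS", []),
        "old protocol list": (["*TLSV1.2", "*TLSV1.1"], "*OPSYS", []),
        "old cipher list": (
            ["*OPSYS"], "*USRDFN",
            ["*ECDHE_RSA_AES_128_GCM_SHA256", "*RSA_AES_128_GCM_SHA256"],
        ),
        "explicit lists": (
            ["*TLSV1.3", "*TLSV1.2"], "*USRDFN",
            ["*CHACHA20_POLY1305_SHA256", "*ECDHE_RSA_AES_256_GCM_SHA384"],
        ),
    }
    for name, values in samples.items():
        print(f"{name:18} {tls13_status(*values)}")
```

The "old cipher list" case is the one to watch for: QSSLPCL at *OPSYS enables the protocol, but a *USRDFN cipher list with no TLSv1.3 suite means TLSv1.3 is not used.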

Elliptic curve Diffie-Hellman key exchange using Curve25519 (x25519) and Curve448 (x448)
The supported/enabled named elliptic curve groups list and the default named elliptic curve groups list have both been updated to include the x25519 and x448 named curves.  Most applications will begin supporting these curves with no additional configuration required.  
 
The new ordered default list of groups is:
Secp256r1
Secp384r1
x25519
Secp521r1
x448

Refer to Supported groups in the IBM i Knowledge Center for additional details.

Online Certificate Status Protocol (OCSP) stapling support
System TLS now includes support for OCSP stapling in both the TLSv1.3 and TLSv1.2 protocols.  This support allows client applications to send a certificate status request extension as part of the TLS handshake, as defined in RFC 6066, requesting that the server complete OCSP requests on behalf of the client.  Based on the server's OCSP configuration, server applications enabling this new support query an OCSP responder and send the OCSP response back to the client.
 
Refer to Online Certificate Status Protocol in the IBM i Knowledge Center for additional details.

RSASSA-PSS certificate type has been added to TLSv1.3
System TLS and Digital Certificate Manager (DCM) now support RSA certificates with RSASSA-PSS signatures by default for TLSv1.3.  This support can be configured on the application definition in DCM, with GSKit APIs or with TLSCONFIG options defaultSignatureAlgorithmCertificateList and supportedSignatureAlgorithmCertificateList.
 
Refer to Certificate selection in the IBM i Knowledge Center for additional details.

Native IBM i JSSE provider support for TLSv1.3
The Java 8 Native IBM i JSSE provider now supports TLSv1.3.  TLSv1.3 support has been added to three existing Protocol values, "SSL", "SSL_TLS", and "SSL_TLSv2".  The new protocol specific value of "TLSv1.3" was also added.
 
The following table identifies and describes the protocol values for the SSLContext.getInstance method of the native IBM i JSSE provider.  The supported TLS protocols may be limited by the system values set on your system. For more details, see the Security system values: Secure Sockets Layer protocols subtopic in the Systems management information.
 
Protocol value  Supported TLS protocols
SSL             TLS version 1.3, 1.2, 1.1, 1.0 and SSL version 3.
SSLv3           SSL version 3 protocol
TLSv1           TLS version 1.0 protocol, defined in Request for Comments (RFC) 2246.
SSL_TLS         TLS version 1.3, 1.2, 1.1, 1.0 and SSL version 3.
TLSv1.1         TLS version 1.1 protocol, defined in Request for Comments (RFC) 4346.
TLSv1.2         TLS version 1.2 protocol, defined in Request for Comments (RFC) 5246.
TLSv1.3         TLS version 1.3 protocol, defined in Request for Comments (RFC) 8446.
SSL_TLSv2       TLS version 1.3, 1.2, 1.1, 1.0 and SSL version 3.

Refer to the Knowledge Center What's new for IBM® i 7.3 page for a full list of System TLS enhancements in IBM i 7.3.


Document Information

Modified date:
02 July 2020

UID

ibm16151287