Check if Extended Master Secret is supported in TLSv1.2

[JakubOnderka]

Extended Master Secret (EMS, RFC 7627) is extension for TLSv1.2 that prevents Triple Handshakes man-in-the-middle attacks.

After May 16, 2023, using EMS is mandatory by FIPS 140-3 IG, so FIPS enabled clients will reject connecting to TLSv1.2 servers that do not support EMS.

EMS support is also required by Recommendations for Secure Use of Transport Layer Security (RFC 9325).

It would be nice if Internet.nl checks if EMS is supported in HTTPS and also e-mail check.

[JakubOnderka]

Related openssl method SSL_get_extms_support

[baknu]

See also: https://list.sys4.de/hyperkitty/list/dane-users@list.sys4.de/thread/V53W2ZBZOL3JDBLPL5H3IK3LISLRR3J2/

[JakubOnderka]

Pull request to nassl library with new get_ems_support method – nabla-c0d3/nassl#120

[JakubOnderka]

Checking for EMS was integrated to nassl:

exms_support = ssl_client.get_extended_master_secret_support()

Do you think it will be possible to add this check to internet.nl interface?

[bwbroersma]

See https://www.mitls.org/pages/attacks/3SHAKE for more information about triple handshake MitM cases.

[mxsasha]

As discussed, we will aim to include this in the TLS update.

[mxsasha]

Fix is in #1800