Chrome set to disable and remove SSLv3 in upcoming releases

Chrome 39, due to be released in six weeks' time, will be the first step in Google's plan to remove SSLv3 support from its Chrome browser.

Earlier this month, Google discovered a flaw in SSLv3, dubbed Padding Oracle On Downgraded Legacy Encryption (POODLE), that allowed an attacker to conduct a man-in-the-middle attack in order to steal cookies. Although SSLv3 has long been made obsolete by Transport Layer Security, the potential impact of POODLE was large, due to handshaking procedures that occur when setting up a secure connection between HTTP servers and clients to establish a common protocol to communicate.

To prevent connections falling back to SSLv3 from being created, Google security engineer Adam Langley said that in Chrome 39, the ability to fallback to SSLv3 will be disabled by default.

"SSLv3-fallback is only needed to support buggy HTTPS servers," Langley said in a post to the Chromium security mailing list. "Servers that correctly support only SSLv3 will continue to work (for now), but some buggy servers may stop working.

"The answer in these cases is to fix the server — TLS 1.0 is nearly 15 years old at this point.

Langley said that due to a lack of time to translate an error message, Chrome would only show a generic error message, a yellow badge over the secure connection lock shown in the browser's address bar, when the browser hits a buggy server. Looking at the details of the error would show a message containing ERR_SSL_FALLBACK_BEYOND_MINIMUM_VERSION.

"A lack of a yellow badge doesn't mean that everything will be fine, as there could still be subresources of the page that are served over SSLv3 connections," Langley said. "Developers can run Chrome with --ssl-version-min=tls1 in order to test their sites."

By the release of Chrome 40 in 12 weeks' time, support for SSLv3 would be disabled, with Langley warning that any buggy servers should be updated to at least TLS 1.0 by then. Chrome 40 will support the setting of minimum SSL/TLS security protocols in the about:flags page.

"In time, SSLv3 client support will be removed from the code, so anyone re-enabling SSLv3 and/or fallback to it via policy, command line options, or about:flags should not treat that as a long-term solution," Langley said.

Earlier this week, Microsoft released a fix that disabled support for SSLv3 in Internet Explorer. Mozilla said earlier this month that it will be disabling SSLv3 support by default in Firefox 34, which is currently due to be released on November 25.