Use TLS 1.2 by default when min_version is not defined

[rapphil]

Description:

Use TLS 1.2 by default when min_version is not defined.

TLS 1.0 and 1.1 are widely deprecated. It does not make sense to offer users with an insecure default.

This PR changes the default TLS min_version for both server and client to 1.2. This is reverting part of a recent change: #5480

Link to tracking Issue: #5627

Testing: Unit tests were modified to account for this case.

Documentation: Documentation was updated describing the new default.

[linux-foundation-easycla]

The committers listed above are authorized under a signed CLA.

• ✅ login: rapphil / name: Raphael Philipe Mendes da Silva (05aa1c9)

[jpkrohling]

I'm all for this change, which has been the case in the past, but a recent change made our code relay the default to go's crypto/tls package. Would you be able to dig that issue and link it here? A git blame on the "// Defaults will ..." comment should reveal the PR/issue that changed that.

[Aneurysm9]

Please add a CHANGELOG.md entry.

[rapphil]

I'm all for this change, which has been the case in the past, but a recent change made our code relay the default to go's crypto/tls package. Would you be able to dig that issue and link it here? A git blame on the "// Defaults will ..." comment should reveal the PR/issue that changed that.

I added the previous PR in the description.

[codecov]

Codecov Report

Merging #5956 (08ac857) into main (940943c) will not change coverage.
The diff coverage is 100.00%.

@@           Coverage Diff           @@
##             main    #5956   +/-   ##
=======================================
  Coverage   92.24%   92.24%           
=======================================
  Files         212      212           
  Lines       13263    13263           
=======================================
  Hits        12235    12235           
  Misses        811      811           
  Partials      217      217           

Impacted Files	Coverage Δ
config/configtls/configtls.go	100.00% <100.00%> (ø)

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

[jpkrohling]

@bogdandrutu, in the previous PR, you seemed to favor delegating the default protocol to the underlying library. I believe setting 1.2 as the min version is the right thing to do here, despite the underlying library setting a lower min version, but it would be good to have your OK on this before moving forward.

[bogdandrutu]

Usually I prefer to be consistent with the standard library. Not an expert in security, and not sure what it means to use the deprecated version.

[rapphil]

Usually I prefer to be consistent with the standard library. Not an expert in security, and not sure what it means to use the deprecated version.

I agree with your approach, but I think it is not applicable in this case because promoting security best practices with secure defaults has higher priority.

I'm not a security expert either but I think we can trust open standards to guide us here:
https://datatracker.ietf.org/doc/rfc8996/

Removing support for older versions from implementations reduces the
attack surface, reduces opportunity for misconfiguration, and
streamlines library and product maintenance.

The RFC references other sources that describe possible attacks which TLS1.0 and 1.1 are vulnerable to.

I think we should even remove the option of using TLS1.0 and 1.1 altogether, but that is another discussion :)

[jpkrohling]

In security circles, people just assume TLS 1.0 and 1.1 are effectively broken. There might be people out there with good reasons to use those versions, so I wouldn't artificially limit its usage, but I would definitely have 1.2 as the default min version.

[rapphil]

@bogdandrutu @jpkrohling
Is there anything else that I can do to get your approvals?