Update release notes / openapi.yaml

Author: mxsasha

Changelog.md

@@ -4,9 +4,32 @@
 
 _Compared to the latest 1.10 release._
 
-### Feature changes
 
-- ...
+### TLS updates for NCSC 2025 guidelines
+
+All tests were updated to match the
+[2025-05 version of the NCSC TLS guidelines](https://www.ncsc.nl/documenten/publicaties/2025/juni/01/ict-beveiligingsrichtlijnen-voor-transport-layer-security-2025-05).
+Most significant changes:
+
+- The status of TLS versions, TLS authentication, curves, hashes, key exchange algorithms, FFDHE groups, 
+  RSA key lengths, and bulk encryption algorithms were updated to match the new guidelines.
+- A test for RSA PKCS#1 v1.5 was added (only PSS padding is sufficient).
+- A test for Extended Master Secret (RFC7627) was added.
+- Client-initiated renegotiation is now acceptable, if limited less than 10.
+- All checks on certificates apply only to the TODO TODO certificates.
+
+### Other TLS updates
+
+- Certificates that do not have OCSP enabled, which means stapling is not possible,
+  [are now detected as such](https://github.com/internetstandards/Internet.nl/issues/1641).
+  Several issues with OCSP stapling reliability were also resolved.
+- The cipher order detection had issues detecting some scenarios, including some where servers
+  preferred RSA over ECDHE, or CBC over POLY1305. 
+- CCM_8 ciphers were not detected.
+- OLD ciphers are no longer detected.
+- The cipher order test no longer separates between "the server cipher order preference is wrong" 
+  and "the server has no preference"
+  
 
 ### Significant internal changes
 
@@ -18,7 +41,15 @@ _Compared to the latest 1.10 release._
 
 ### API changes
 
-- ...
+This release has API version 2.7.0.
+
+- OCSP stapling has a new status `not_in_cert`, for when a certificate does not have OCSP enabled,
+  therefore stapling is neither required nor possible.
+- The cipher order status no longer returns `not_prescribed` or `not_seclevel` for new tests.
+  The insufficient statuses are now `bad` for preferring phase out over good and/or sufficient;
+  and `sufficient_above_good` for preferring sufficient over good.
+- `extended_master_secret_status` and `kex_rsa_pkcs` were added to the TLS details.
+- `client_reneg` in the TLS details was changed from a boolean to a new enum.
 
 ## 1.10.3
 

interface/batch/__init__.py

@@ -3,7 +3,7 @@
 from django.conf import settings
 
 BATCH_API_MAJOR_VERSION = "2"
-BATCH_API_MINOR_VERSION = "6"
+BATCH_API_MINOR_VERSION = "7"
 BATCH_API_PATCH_VERSION = "0"
 BATCH_API_FULL_VERSION = f"{BATCH_API_MAJOR_VERSION}" f".{BATCH_API_MINOR_VERSION}" f".{BATCH_API_PATCH_VERSION}"
 

interface/batch/openapi.yaml

@@ -628,12 +628,12 @@ components:
           enumClass: CipherOrderStatus
           description: |
             Cipher order preference of the server:
-            * `bad` - The server does not enforce good and sufficient over weaker ciphers.
+            * `bad` - The server does not enforce good+sufficient over phase out ciphers.
             * `good` - The server enforces his own preference in a correct order.
             * `not_prescribed` - The server enforces his own preference but
-              the cipher order is not based on prescribed ordering.
+              the cipher order is not based on prescribed ordering (deprecated).
             * `not_seclevel` - The server enforces his own preference but
-              the configured order is not based on security level.
+              the configured order is not based on security level (deprecated).
             * `na` - The server only supports GOOD ciphers; cipher order is
               not relevant.
             * `sufficient_above_good` - the server prefers sufficient ciphers over good.
@@ -653,6 +653,15 @@ components:
           maxItems: 3
           items:
             type: string
+        extended_master_secret_status:
+          type: string
+          enumClass: TLSExtendedMasterSecretStatus
+          description: |
+            Server support for Extended Master Secret (RFC7627):
+            * `supported` - EMS is supported.
+            * `not_supported` - EMS is not supported.
+            * `na_no_tls_1_2` - EMS is not applicable, because the server does not support TLS 1.2.
+            * `unknown` - support could not be determined or test ran before this feature was added.
         protocols_bad:
           type: array
           description: List of BAD protocols.
@@ -673,10 +682,21 @@ components:
             If secure renegotiation is supported by the server. (TLS1.3
             offers only secure renegotiation)
         client_reneg:
-          type: boolean
-          description: >
-            If client initiated renegotiation is supported by the server.
-            (TLS1.3 does not support client renegotiation).
+          type: string
+          enumClass: TLSClientInitiatedRenegotiationStatus
+          description: |
+            Client-initiated renegotiation:
+            * `not_allowed` - not allowed by server.
+            * `allowed_with_low_limit` - allowed by server, but with a sufficiently low limit (<10).
+            * `allowed_with_too_high_limit` - allowed by server, with a limit that is too high (>=10).
+        kex_rsa_pkcs:
+          type: string
+          enumClass: KexRSAPKCSStatus
+          description: |
+            RSA PKCS#1 v1.5 support:
+            * `good` - server does not support RSA PKCS#1 v1.5 padding.
+            * `bad` - server supports RSA PKCS#1 v1.5 padding.
+            * `unknown` - support could not be determined or test ran before this feature was added.
         kex_hash_func:
           type: string
           enumClass: KexHashFuncStatus