![oss-sec logo](/images/oss-sec-logo.png)
oss-sec mailing list archives
Re: Apache 2.4 mod_ssl SSLSessionTickets -- others vulnerable?
From: Mark Felder <feld () feld me>
Date: Wed, 04 Feb 2015 12:09:35 -0600
On Wed, Feb 4, 2015, at 11:59, Reed Loden wrote:
... or you could do something like what Twitter did [0] and write your own scripts to generate new session ticket keys regularly and store them only in a tmpfs or /dev/shm type environment. agl also talks about this problem on his blog [1] a while ago. As for your earlier question, nginx has the same issue here [2]. Really all comes down to OpenSSL not making it easy to do better. ~reed [0] https://blog.twitter.com/2013/forward-secrecy-at-twitter [1] https://www.imperialviolet.org/2013/06/27/botchingpfs.html [2] http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_session_ticket_key
Okay, so the failure is two-pronged: the current limitations in OpenSSL with regards to managing session ticket keys, and the use of session tickets when PFS cipher is negotiated. Thanks for all the details, guys.
Current thread:
- Apache 2.4 mod_ssl SSLSessionTickets -- others vulnerable? Mark Felder (Feb 04)
- Re: Apache 2.4 mod_ssl SSLSessionTickets -- others vulnerable? Florent Daigniere (Feb 04)
- Re: Apache 2.4 mod_ssl SSLSessionTickets -- others vulnerable? Mark Felder (Feb 04)
- Re: Apache 2.4 mod_ssl SSLSessionTickets -- others vulnerable? Reed Loden (Feb 04)
- Re: Apache 2.4 mod_ssl SSLSessionTickets -- others vulnerable? Mark Felder (Feb 04)
- Re: Apache 2.4 mod_ssl SSLSessionTickets -- others vulnerable? Florent Daigniere (Feb 04)
- Re: Apache 2.4 mod_ssl SSLSessionTickets -- others vulnerable? Mark Felder (Feb 04)
- Re: Apache 2.4 mod_ssl SSLSessionTickets -- others vulnerable? Florent Daigniere (Feb 04)
- Re: Apache 2.4 mod_ssl SSLSessionTickets -- others vulnerable? Michael Samuel (Feb 04)