oss-sec mailing list archives
Re: SSL POODLE
From: Hanno Böck <hanno () hboeck de>
Date: Wed, 15 Oct 2014 09:20:18 +0200
Am Wed, 15 Oct 2014 09:10:24 +0200 schrieb Florian Weimer <fweimer () redhat com>:
As far as I can tell, the TLS downgrade protecton mechanism work. However, browsers have an out-of-protocol, unprotected downgrade mechanism to SSL 3.0. (The Firefox function is called “retryDueToTLSIntolerance”.) I think we would be better off disabling *that* mechanism (for which configuration knob seems to exist, alas), instead of disabling SSL 3.0 or adding a different protocol version probing mechanism.
+1 I've argued for that since... 2008! https://bugzilla.mozilla.org/show_bug.cgi?id=450280 Basically that's one of the scary parts of this: 1. We have an in-protocol downgrade mechanism 2. People develop broken SSL implementations that don't work with that 3. Browsers have a non-protocol workaround that allows out-of-protocol downgrades 4. These downgrades cause compatibility issues 5. People put more duct tape around this workaround (that's not part of the protocol) by inventing a new protocol (SCSV) that adds more complexity to TLS 6. These downgrades cause security issues (NOT the first time! One of the Blackhat Virtual Host Confusion attacks also relied on these downgrades) Basically I'd group POODLE together with BERserk as the "we could've avoided it"-vulnerabilities in SSL/TLS. -- Hanno Böck http://hboeck.de/ mail/jabber: hanno () hboeck de GPG: BBB51E42
Attachment:
signature.asc
Description:
Current thread:
- Re: list policy (Re: Truly scary SSL 3.0 vuln to be revealed soon:), (continued)
- Re: list policy (Re: Truly scary SSL 3.0 vuln to be revealed soon:) Kurt Seifried (Oct 28)
- Re: list policy (Re: Truly scary SSL 3.0 vuln to be revealed soon:) Alexander Cherepanov (Oct 28)
- Re: list policy (Re: Truly scary SSL 3.0 vuln to be revealed soon:) Kurt Seifried (Oct 28)
- Re: list policy (Re: Truly scary SSL 3.0 vuln to be revealed soon:) Michal Zalewski (Oct 29)
- Re: list policy (Re: Truly scary SSL 3.0 vuln to be revealed soon:) Dave Horsfall (Oct 29)
- Re: list policy (Re: Truly scary SSL 3.0 vuln to be revealed soon:) Michal Zalewski (Oct 29)
- Re: list policy (Re: Truly scary SSL 3.0 vuln to be revealed soon:) Solar Designer (Nov 03)
- Re: SSL POODLE (Truly scary SSL 3.0 vuln) gremlin (Oct 14)
- Re: SSL POODLE (Truly scary SSL 3.0 vuln) Krassimir Tzvetanov (Oct 14)
- Re: SSL POODLE Florian Weimer (Oct 15)
- Re: SSL POODLE Hanno Böck (Oct 15)
- Re: Truly scary SSL 3.0 vuln to be revealed soon: Reed Loden (Oct 14)
- RE: Truly scary SSL 3.0 vuln to be revealed soon: Sona Sarmadi (Oct 15)
- Re: Truly scary SSL 3.0 vuln to be revealed soon: Pierre Schweitzer (Oct 14)
- Re: Truly scary SSL 3.0 vuln to be revealed soon: mancha (Oct 14)
- Re: Truly scary SSL 3.0 vuln to be revealed soon: Krassimir Tzvetanov (Oct 14)
- Re: Truly scary SSL 3.0 vuln to be revealed soon: Ben Lincoln (0E1C7DBB - OSS) (Oct 15)
- Re: Truly scary SSL 3.0 vuln to be revealed soon: Hanno Böck (Oct 15)
- RE: Truly scary SSL 3.0 vuln to be revealed soon: Sona Sarmadi (Oct 16)