Re: [TLS] Implementation survey: Client Certificate URL extension
Martin Rex <Martin.Rex at sap.com> writes:
>For some firewalls it is sufficient to call a particular URL from the inside
>(with parameters tacked at the end of the URL) in order to open a hole that
>can be entered from the outside.
>
>Generating advertising "clicks" might be another abuse.
>
>Being able to coerce a server to access an arbitrary URL from the inside of
>his network is IMHO a pretty serious security problem.
It's even worse than that: it's turning the server into an attacker-controlled
proxy inside the firewall. For example, I can perform port scans of an
organisation's internal network (and in general attack its internal servers)
using this "feature". I'll see if I can dig up the postings about this,
although since the discussion was up to 10 years ago I'm not sure if I still
have them.
Peter.
_______________________________________________
TLS mailing list
TLS at ietf.org
https://www.ietf.org/mailman/listinfo/tls
Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.
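The thread above describes the risk of a server fetching whatever URL a client supplies in the Client Certificate URL extension: the server becomes a proxy into its own network. The following is an added example, not code from the thread, from any TLS stack or from the IETF; it shows the kind of destination check a server-side fetcher would run before retrieving such a URL. The function name `check_client_cert_url`, the allowed schemes/ports and the injectable `resolver` are assumptions made for this example.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Policy assumed for this example (not taken from the thread or any RFC):
# only http(s) on the default ports, and only destinations that are
# globally routable unicast addresses may be fetched.
ALLOWED_SCHEMES = {"http", "https"}
ALLOWED_PORTS = {80, 443}


def _default_resolver(host):
    """Return every address a hostname resolves to (IPv4 and IPv6)."""
    return {info[4][0] for info in socket.getaddrinfo(host, None)}


def _is_internal(ip):
    """True for anything the fetcher must not reach from inside the network:
    loopback, RFC 1918, link-local (which covers the 169.254.169.254 cloud
    metadata address), shared address space, multicast, reserved and
    unspecified addresses, plus IPv4-mapped IPv6 forms of the same."""
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    # is_global is already False for private, loopback and link-local ranges;
    # multicast is excluded explicitly because older Pythons treat it as global.
    return (not ip.is_global) or ip.is_multicast


def check_client_cert_url(url, resolver=_default_resolver):
    """Decide whether a client_certificate_url target may be fetched.

    Returns (allowed, reason). The check resolves the hostname and rejects the
    URL if *any* resolved address is internal, so a name that mixes public and
    private records cannot be used to slip past the filter.
    """
    parts = urlsplit(url)
    if parts.scheme not in ALLOWED_SCHEMES:
        return False, f"scheme {parts.scheme!r} not allowed"
    if parts.username or parts.password:
        return False, "userinfo in URL not allowed"
    host = parts.hostname
    if not host:
        return False, "no host in URL"
    try:
        port = parts.port or (443 if parts.scheme == "https" else 80)
    except ValueError:
        return False, "invalid port"
    if port not in ALLOWED_PORTS:
        return False, f"port {port} not allowed"

    # An IP literal is checked directly; a hostname is resolved and every
    # address it yields is checked.
    try:
        addrs = {ipaddress.ip_address(host)}
    except ValueError:
        try:
            addrs = {ipaddress.ip_address(a) for a in resolver(host)}
        except (socket.gaierror, ValueError):
            return False, f"cannot resolve {host!r}"
    if not addrs:
        return False, f"{host!r} resolved to no addresses"

    for ip in addrs:
        if _is_internal(ip):
            return False, f"{host!r} -> {ip} is not a public address"
    return True, "ok"


if __name__ == "__main__":
    # Constructed sample inputs; the resolver stub keeps this runnable offline.
    samples = [
        ("https://10.0.0.1/cert.der", None),
        ("https://169.254.169.254/latest/meta-data", None),
        ("https://[::ffff:10.0.0.1]/cert.der", None),
        ("https://8.8.8.8:8443/cert.der", None),
        ("https://pki.example/cert.der", lambda h: {"8.8.8.8", "10.1.2.3"}),
        ("https://pki.example/cert.der", lambda h: {"8.8.8.8"}),
    ]
    for url, stub in samples:
        allowed, why = check_client_cert_url(url, resolver=stub or _default_resolver)
        print(f"{'ALLOW' if allowed else 'DENY ':5} {url}: {why}")
```

Two caveats a fetcher built on this still has to handle: the address vetted here must be the address actually connected to (resolve once and pin it, or re-run the check inside the connection step), otherwise a name that changes its DNS answer between check and fetch defeats the filter; and every HTTP redirect the fetch follows needs the same check applied to the new target.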