Re: [TLS] TLS renegotiation issue
Eric Rescorla <ekr at rtfm.com> wrote:

> well, that was really complete, but the link below is even more so!
>
> http://www.educatedguesswork.org/2009/11/understanding_the_tls_renegoti.html
>
> On Thu, Nov 5, 2009 at 12:57 PM, Eric Rescorla <ekr at rtfm.com> wrote:
> > FWIW, here's my more complete analysis.
> >
> > -Ekr

IMHO the proposed fix looks to be also introducing the concept of
Retrospective Trust into TLS.  This being necessary due to the problem
highlighted in the HTTP protocol in that it will process messages that
arrived prior to authentication etc.  However, IMHO I would guess that once
TLS is perhaps protected, then the attacker will simply attack at some
other level as the HTTP/Web Application is still vulnerable. IMHO these
other attacks might be easier to do and perhaps at the same time harder to
detect.  My view is that implying Retrospective Trust in TLS will lure
application developers into incorrectly thinking they are now (or are
still) safe and continue the IMHO dangerous practice of Retrospective
Trust.  IMHO I would question why allowing the concept of Retrospective
Trust into TLS is not inherently dangerous.

Mick Gray

P.S. - The opinions above are my own, and not necessarily those of my
employer.
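The "retrospective trust" behaviour described above, modelled as an added example (this is constructed illustration code, not code from the thread, the IETF TLS working group, or any TLS or HTTP implementation; the Session class, its event names and the sample request bytes are all assumptions). A server-side handler has buffered request bytes that arrived before the connection was authenticated; when authentication completes, the weak policy lets those bytes inherit the newly established identity, while the hardened policy discards anything received before the peer was known:

```python
from __future__ import annotations

from dataclasses import dataclass
from typing import Optional


@dataclass
class Session:
    """Minimal stand-in for a server-side connection handler (assumed shape)."""

    peer: Optional[str] = None        # identity from authentication; None = anonymous
    buffer: bytes = b""               # request bytes received but not yet dispatched
    discard_pre_auth: bool = True     # policy: drop data that predates authentication

    def receive(self, data: bytes) -> None:
        """Bytes arrive on the connection; nothing is dispatched yet."""
        self.buffer += data

    def authenticate(self, peer: str) -> None:
        """The (re)negotiation completes and the peer identity becomes known.

        Under the hardened policy, bytes buffered before this point came from
        an unauthenticated (possibly different) party, so they must not be
        carried over into the authenticated context. Under the weak policy
        they are kept and will later be attributed to `peer` retrospectively.
        """
        if self.discard_pre_auth:
            self.buffer = b""
        self.peer = peer

    def complete_requests(self) -> list[tuple[Optional[str], bytes]]:
        """Split the buffer into complete HTTP-style requests (blank-line
        terminated) and attribute each one to the *current* peer identity,
        which is exactly where retrospective trust creeps in."""
        out: list[tuple[Optional[str], bytes]] = []
        while b"\r\n\r\n" in self.buffer:
            req, _, self.buffer = self.buffer.partition(b"\r\n\r\n")
            out.append((self.peer, req))
        return out


def run_scenario(discard_pre_auth: bool) -> list[tuple[Optional[str], bytes]]:
    """Constructed traffic: one request arrives while the connection is still
    anonymous, authentication happens, then a second request arrives from the
    authenticated peer. Returns the requests as the server attributes them."""
    s = Session(discard_pre_auth=discard_pre_auth)
    s.receive(b"GET /account/settings HTTP/1.1\r\n\r\n")   # arrived before auth
    s.authenticate("alice")                                 # identity established now
    s.receive(b"GET /index.html HTTP/1.1\r\n\r\n")          # arrived from alice
    return s.complete_requests()


if __name__ == "__main__":
    print("weak policy    :", run_scenario(discard_pre_auth=False))
    print("hardened policy:", run_scenario(discard_pre_auth=True))
```

With the weak policy the pre-authentication request is reported as alice's, which is the application-layer mistake Mick is pointing at; with the hardened policy only the request received after authentication is attributed to her. A real server would also need to decide what to do with a request that straddles the authentication point, but the decision rule is the same: nothing received before the peer was known gets that peer's identity.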
