Re: [TLS] simplistic renego protection

To: tls at ietf.org
Subject: Re: [TLS] simplistic renego protection
From: Michael D'Errico <mike-list at pobox.com>
Date: Thu, 19 Nov 2009 20:24:46 -0800
Delivered-to: tls at core3.amsl.com
Dkim-signature: v=1; a=rsa-sha1; c=relaxed; d=pobox.com; h=message-id :date:from:mime-version:to:subject:references:in-reply-to :content-type:content-transfer-encoding; s=sasl; bh=6VV3DzSzwQ/6 ICas+O/rZ1vYzW4=; b=ZjT78Qv+sldN9OXY1G+BD6fxo8jRCdYxk1TqsT+fVaq5 EELoHxBoyIkRQbXKXnrcFoezOqu+OAGp9r1PpJpRQOaapAvz4z1/nXyiITM97uw9 dqOBonkKpliTvAFmPolaBwdjBAWSlNzrFpOc+wWaOm+AabsleFqsN4eaVtXLL40=
Domainkey-signature: a=rsa-sha1; c=nofws; d=pobox.com; h=message-id:date :from:mime-version:to:subject:references:in-reply-to :content-type:content-transfer-encoding; q=dns; s=sasl; b=xW1EL8 m1velH5hwjHHYSkuPvOqM+bsFyKJC05pyRV/qdqhYGSLcqvg0rHaf1fyb1DS/nSv iVxwvTQ2OG/TIL/GUBZ2O/bAQC/O7Q+YO0BvomRW01c+ukp0XEcq7mUVedjw5P6z 1m1bHHhNQK9yBxnOxPymUGTBp1Bv7imQGAOKk=
In-reply-to: <4B060EE2.7020504 at bolyard.me>
List-archive: <http://www.ietf.org/mail-archive/web/tls>
List-help: <mailto:tls-request@ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-post: <mailto:tls@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
References: <200911182000.nAIK0Qkm013905 at fs4113.wdf.sap.corp> <4B04A792.7040607 at jacaranda.org> <B197003731D4874CA41DE7B446BBA3E829CD28F1 at TK5EX14MBXW653.wingroup.windeploy.ntdev.microsoft.com> <4B059716.6010309 at jacaranda.org> <4B059A60.9000003 at jacaranda.org> <4B060EE2.7020504 at bolyard.me>
User-agent: Thunderbird 2.0.0.23 (Macintosh/20090812)

Nelson B Bolyard wrote:


... what is a "lenient server"?
Is it a vulnerable server?


Yes.

Some servers apparently cannot function without renegotiation.
They will need to continue providing service to unpatched
clients for some amount of time and thus remain vulnerable.

The solution we publish must make it impossible for a lenient-
but-patched client and a lenient-but-patched server to be
successfully attacked by a MitM using the renegotiation bug.

Mike

Follow-Ups:
- Re: [TLS] simplistic renego protection
  - From: Stefan Santesson
- Re: [TLS] simplistic renego protection
  - From: Nelson B Bolyard

References:
- Re: [TLS] simplistic renego protection
  - From: Martin Rex
- Re: [TLS] simplistic renego protection
  - From: David-Sarah Hopwood
- Re: [TLS] simplistic renego protection
  - From: David-Sarah Hopwood
- Re: [TLS] simplistic renego protection
  - From: David-Sarah Hopwood
- Re: [TLS] simplistic renego protection
  - From: Nelson B Bolyard

Prev by Date: Re: [TLS] Proposal for hybrid solution using most of the ideas
Next by Date: Re: [TLS] simplistic renego protection
Previous by thread: Re: [TLS] simplistic renego protection
Next by thread: Re: [TLS] simplistic renego protection
Index(es):
- Date
- Thread

Re: [TLS] simplistic renego protection

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.