Re: [TLS] simplistic renego protection

To: Michael D'Errico <mike-list at pobox.com>, <tls at ietf.org>
Subject: Re: [TLS] simplistic renego protection
From: Stefan Santesson <stefan at aaa-sec.com>
Date: Fri, 20 Nov 2009 07:49:29 +0100
Delivered-to: tls at core3.amsl.com
In-reply-to: <4B061A0E.3000002 at pobox.com>
List-archive: <http://www.ietf.org/mail-archive/web/tls>
List-help: <mailto:tls-request@ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-post: <mailto:tls@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
Thread-index: AcpprZtYS8qsv/xZ8kOIlYMTVsFCUQ==
Thread-topic: [TLS] simplistic renego protection
User-agent: Microsoft-Entourage/12.23.0.091001

I fully agree,

However, just because a server accepts renegotiation with an unpatched
client, does not necessarily mean that the service provided over TLS is
vulnerable.

One example is if authentication is performed with proper channel binding in
a layer above TLS and the service is provided under that security context.

I second that lenient server - unpatched client must work while ensuring
that lenient server - lenient client can't be abused using downgrade
attacks.

/Stefan

On 09-11-20 5:24 AM, "Michael D'Errico" <mike-list at pobox.com> wrote:

> Yes.
> 
> Some servers apparently cannot function without renegotiation.
> They will need to continue providing service to unpatched
> clients for some amount of time and thus remain vulnerable.

Follow-Ups:
- Re: [TLS] simplistic renego protection
  - From: David-Sarah Hopwood

References:
- Re: [TLS] simplistic renego protection
  - From: Michael D'Errico

Prev by Date: Re: [TLS] TLS Protocol Version
Next by Date: Re: [TLS] Proposal for hybrid solution using most of the ideas
Previous by thread: Re: [TLS] simplistic renego protection
Next by thread: Re: [TLS] simplistic renego protection
Index(es):
- Date
- Thread

Re: [TLS] simplistic renego protection

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.