[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: safe renegotiation in client side
|
From: |
Daniel Kahn Gillmor |
|
Subject: |
Re: safe renegotiation in client side |
|
Date: |
Mon, 15 Mar 2010 19:20:06 -0400 |
|
User-agent: |
Mozilla-Thunderbird 2.0.0.22 (X11/20091109) |
On 03/15/2010 06:59 PM, Tomas Mraz wrote:
> On Mon, 2010-03-15 at 23:38 +0100, Simon Josefsson wrote:
>> If that is the case, can't we make GnuTLS accept talking to "old"
>> servers by default, but if client certificate authentication is
>> requested by the application, it will tear down the connection if the
>> server doesn't support safe-renegotiation?
>
> Unfortunately the credentials might take even different forms such as
> the auth user name and password and they might be revealed to the
> attacker which was demonstrated in the Twitter attack.
I think Tomas is correct here; *any* re-negotiation can be used as a
vector for an attack like this, not just renegotiations which request
client certificates.
--dkg
signature.asc
Description: OpenPGP digital signature
- Re: safe renegotiation in client side, (continued)
- Re: safe renegotiation in client side, Simon Josefsson, 2010/03/15
- Re: safe renegotiation in client side, Daniel Kahn Gillmor, 2010/03/15
- Re: safe renegotiation in client side, Simon Josefsson, 2010/03/15
- Re: safe renegotiation in client side, Daniel Kahn Gillmor, 2010/03/15
- Re: safe renegotiation in client side, Simon Josefsson, 2010/03/16
- Re: safe renegotiation in client side, Nikos Mavrogiannopoulos, 2010/03/16
- Re: safe renegotiation in client side, Simon Josefsson, 2010/03/16
Re: safe renegotiation in client side, Tomas Mraz, 2010/03/15
Re: safe renegotiation in client side, Simon Josefsson, 2010/03/15