[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: TLS Man-In-The-Middle Vulnerability



On 11/05/09 15:52, Nick Mathewson wrote:
> On Thu, Nov 05, 2009 at 02:10:00PM -0500, Marcus Griep wrote:
>> Don't know if any one else has seen or taken a look at this. I don't know if
>> this affects Tor, though I believe that we do use certificate renegotiation
>> in the protocol, and that is the entry vector for this particular
>> vulnerability:
> 
> FWIW, this doesn't affect Tor.  The problem here is not renegotiation
> per se; the problem is doing renegotiation, then acting as though data
> sent _before_ the renegotiation were authenticated with the
> rengotiated credentials.
> 
> The Tor protocol isn't vulnerable here because 1) it doesn't allow data
> to be sent before the renegotiation step, and 2) it doesn't treat a
> renegotiation as authenticating previously exchanged data (because
> there isn't any).

The vulnerability itself might not effect Tor, but the OpenSSL
workaround for this vulnerability of disabling renegotiation by default
in 0.9.8l [1] might not play nice with a Tor implementation.

-Andrew

[1] http://www.openssl.org/news/secadv_20091111.txt
***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/