[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: TLS Man-In-The-Middle Vulnerability



On Thursday 12 November 2009 03:15:20 Nick Mathewson wrote:
> On Wed, Nov 11, 2009 at 12:59:21PM -0500, Andrew S. Lists wrote:
> > On 11/05/09 15:52, Nick Mathewson wrote:
> > > On Thu, Nov 05, 2009 at 02:10:00PM -0500, Marcus Griep wrote:
> > >> Don't know if any one else has seen or taken a look at this. I
> > >> don't know if this affects Tor, though I believe that we do use
> > >> certificate renegotiation in the protocol, and that is the entry
> > >> vector for this particular vulnerability:
> > >
> > > FWIW, this doesn't affect Tor.  The problem here is not
> > > renegotiation per se; the problem is doing renegotiation, then
> > > acting as though data sent _before_ the renegotiation were
> > > authenticated with the rengotiated credentials.
> > >
> > > The Tor protocol isn't vulnerable here because 1) it doesn't
> > > allow data to be sent before the renegotiation step, and 2) it
> > > doesn't treat a renegotiation as authenticating previously
> > > exchanged data (because there isn't any).
> >
> > The vulnerability itself might not effect Tor, but the OpenSSL
> > workaround for this vulnerability of disabling renegotiation by
> > default in 0.9.8l [1] might not play nice with a Tor
> > implementation.
> 
> Indeed it will not.  We have a fix in svn to make the 0.2.1.x and
> 0.2.2.x-alpha series both work correctly with OpenSSL 0.9.8l.  With
> any luck, we should get releases out before too long.

Hi Nick,

Would you mind releasing that updated version a.s.a.p. Tor doesn't work 
here at all anymore

Regards,
Erwin

-- 
Erwin Lam (erwinlam@xxxxxx)

Attachment: signature.asc
Description: This is a digitally signed message part.