Re: MAC padding (Debian Bug #390712)
From: Andreas Metzler
Subject: Re: MAC padding (Debian Bug #390712)
Date: Thu, 3 Jan 2008 16:51:00 +0100
User-agent: Mutt/1.5.13 (2006-08-11)
On 2008-01-03 Marc Haber <address@hidden> wrote:
[...]
> Debian Bug #390712, http://bugs.debian.org/390712
> =================================================
> Simon writes:
> > Appears to be triggered by GnuTLS implementing MAC padding to solve a
> > security problem in TLS. OpenSSL reportedly does not implement the
> > same work around, and would thus appear to be vulnerable to that
> > problem.
> > Conclusion: Appears to be a "wontfix" bug. Personally, I think GnuTLS
> > could provide a simpler mechanism to disable MAC padding if
> > applications deem this necessary. Someone could double check how
> > important the MAC padding security concern is.
> I disagree about the "wontfix" bug. We have an interoperability issue
> here, where the end user notices "things work when I use OpenSSL or do
> not use TLS at all, only GnuTLS breaks". In the result, the end user
> will use OpenSSL or no TLS at all, which reduces GnuTLS user base and
> cryptography coverage.
> I would like to see a mechanism to disable MAC padding if it is really
> the culprit here.
Hello,
AFAIUI that has been done on the gnutls side of things:
------------------------------
* Version 2.0.3 (released 2007-11-10)
** Added gnutls_record_disable_padding() to allow servers talking to
buggy clients that complain if the TLS 1.0 record protocol padding is
used.
** Introduced gnutls_session_enable_compatibility_mode() to allow
enabling all supported compatibility options (like disabling padding).
------------------------------
thanks, cu andreas
--
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'
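
Added example, not part of the original message and not GnuTLS code: a sketch of the TLS 1.0 CBC record padding rule (RFC 2246, section 6.2.3.2) that the changelog entries above refer to, showing a minimally padded record next to one carrying extra length-hiding padding. The function names, the 16-byte block size and `strict_unpad` (an assumed model of a peer that rejects anything but minimal padding) are illustrative assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BLOCK 16u  /* CBC block size assumed for the example (e.g. AES) */

/* RFC 2246 6.2.3.2: record = content || MAC || padding || padding_length,
 * every padding byte equals padding_length, total is a multiple of BLOCK.
 * extra_blocks > 0 is the optional length-hiding padding; 0 is the minimum. */
size_t tls10_pad(uint8_t *buf, size_t data_len, size_t cap, unsigned extra_blocks) {
    if (extra_blocks > 15) return 0;   /* padding_length is one byte: max 255 */
    unsigned pad = (BLOCK - (unsigned)((data_len + 1) % BLOCK)) % BLOCK
                 + extra_blocks * BLOCK;
    if (data_len + pad + 1 > cap) return 0;
    memset(buf + data_len, (int)pad, pad + 1);  /* padding + padding_length */
    return data_len + pad + 1;
}

/* Conforming receiver: accepts any valid padding_length from 0 to 255.
 * Not constant-time; a production stack must avoid a padding oracle here. */
long tls10_unpad(const uint8_t *rec, size_t len) {
    if (len == 0 || len % BLOCK != 0) return -1;
    unsigned pad = rec[len - 1];
    if ((size_t)pad + 1 > len) return -1;
    for (size_t i = len - 1 - pad; i < len; i++)
        if (rec[i] != pad) return -1;
    return (long)(len - pad - 1);
}

/* Assumed model of a non-conforming peer: only minimal padding accepted. */
long strict_unpad(const uint8_t *rec, size_t len) {
    long n = tls10_unpad(rec, len);
    return (n >= 0 && (unsigned)rec[len - 1] < BLOCK) ? n : -1;
}

/* Pad data_len constructed bytes, then parse with the chosen receiver. */
long roundtrip(size_t data_len, unsigned extra_blocks, int strict) {
    uint8_t buf[1024];
    if (data_len > sizeof buf) return -1;
    memset(buf, 0xAA, data_len);       /* constructed content+MAC bytes */
    size_t n = tls10_pad(buf, data_len, sizeof buf, extra_blocks);
    if (n == 0) return -1;
    return strict ? strict_unpad(buf, n) : tls10_unpad(buf, n);
}

int main(void) {
    printf("%ld %ld %ld\n", roundtrip(37, 0, 1), roundtrip(37, 3, 0), roundtrip(37, 3, 1));
    return 0;
}
```

Sending with `extra_blocks` set to 0 is the interoperable fallback; it gives up the length hiding that the extra padding provides.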