gnutls-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Draft release notes for 2.10.0


From: Tomas Hoger
Subject: Re: Draft release notes for 2.10.0
Date: Thu, 29 Apr 2010 16:08:27 +0200

On Thu, 29 Apr 2010 09:41:03 +0200 Simon Josefsson wrote:

> proper client attempts to contact the server, the attacker hijacks
> that connection and uses the TLS renegotiation feature with the
> server and splices in the client connection to the already
> established connection between the client and server.

"*attacker* and server"

> However, some server implementations will (incorrectly) assume that
> the data sent by the attacker was sent by the now authenticated
> client.

Renegotiation does not have to change client authentication status
(either TLS or application level).  Twitter attack is one example.

> However, by default GnuTLS client and servers will not refuse
> renegotiation attempts when the extension has not been negotiated, as
> this would break backwards compatibility and cause too much
> operational problems.  We will likely reconsider these defaults in
> the future.

If these defaults change (discussion in the other thread), you may
wish to extend this to cover different impact of allowing initial / re-
negotiation on clients and servers.

> To modify the default behaviour, we have introduced three new priority

Following paragraph describes 4, even though one is special.

HTH

th.




reply via email to

[Prev in Thread] Current Thread [Next in Thread]