Re: [Bug-wget] SSL Poodle attack
From: Tim Rühsen
Subject: Re: [Bug-wget] SSL Poodle attack
Date: Thu, 16 Oct 2014 20:50:32 +0200
User-agent: KMail/4.14.1 (Linux/3.16-2-amd64; KDE/4.14.1; x86_64; ; )

On Wednesday, 15 October 2014, 17:26:49, Daniel Kahn Gillmor wrote:
> On 10/15/2014 03:10 PM, Tim Rühsen wrote:
> > I tried to make clear that Wget *explicitly* asks for SSLv2 and SSLv3 in
> > the default configuration when compiled with OpenSSL. Whatever the
> > OpenSSL library vendor is doing... it won't affect Wget in this case. So
> > with your attitude, you won't ever be safe from Poodle (I guess).
> >
> > And again my question: should we change the default behaviour of future
> > versions of Wget?
> > In other words: since we know the library vendor wouldn't help in the
> > above case, what can we do to secure Wget?
>
> hm, I think Tim is on to something here: by default, wget should use the
> default ciphersuites and protocol versions selected by the TLS library.
> Tweaking the default choices in wget itself tends to make wget more
> brittle than the underlying library.
>
> The only way that should work to try to improve security in wget via TLS
> implementation preference strings is if the preference string is
> explicitly a minor modification of some system default. This may or may
> not be possible depending on the preference string syntax of the
> selected TLS implementation.
>
> (e.g. [for OpenSSL] if the system default is always explicitly
> referenced as DEFAULT and we decide that we never want wget to use RC4,
> then DEFAULT:-RC4 is a sensible approach, because it allows OpenSSL to
> update DEFAULT and wget gains those improvements automatically)

Here is a suggestion for a GnuTLS patch.
I will have a look at the OpenSSL ciphers and make a similar patch soon.

I also suggested (~1-2 years ago) an option to directly set priority strings /
ciphers for GnuTLS and OpenSSL. In situations like these, such an option would
allow for a quick reaction by distribution maintainers and users.

What do you think?

Tim

Attachment: 0001-GnuTLS-do-not-use-SSLv3-except-explicitely-requested.patch (Description: Text Data)
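
The `DEFAULT:-RC4` approach discussed in the quoted reply, as an added example that is not part of this message, the attached patch, or Wget's code. It uses Python's `ssl` module (a binding to the locally installed OpenSSL) rather than Wget's C code; the helper names are hypothetical, and the suite list it reports depends on the OpenSSL build it runs against.

```python
import ssl

def cipher_names(rule):
    """Return the suite names the local OpenSSL enables for a cipher rule string."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.set_ciphers(rule)
    return {c["name"] for c in ctx.get_ciphers()}

def derived_rule(excluded):
    """Start from the library's DEFAULT and only subtract cipher families."""
    return ":".join(["DEFAULT"] + ["-" + family for family in excluded])

def audit(excluded):
    """Compare the library default with the derived rule.

    'leaked' uses a substring match on the suite name, which is valid for
    RC4 (the family named in the thread) because its suite names contain "RC4".
    """
    rule = derived_rule(excluded)
    base, derived = cipher_names("DEFAULT"), cipher_names(rule)
    return {
        "rule": rule,
        "only_removes": derived <= base,   # nothing added on top of DEFAULT
        "removed": sorted(base - derived), # what the modifier actually dropped
        "leaked": sorted(n for n in derived if any(f in n for f in excluded)),
    }

def client_context(excluded):
    """Client context: library default minus 'excluded', with SSLv3 refused."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.set_ciphers(derived_rule(excluded))
    ctx.options |= ssl.OP_NO_SSLv3  # no SSLv3 unless the caller opts back in
    return ctx

def refuses_sslv3(ctx):
    """True when the context will not negotiate SSLv3."""
    return bool(ctx.options & ssl.OP_NO_SSLv3)

if __name__ == "__main__":
    report = audit(["RC4"])
    print(report["rule"])
    print("only removes from DEFAULT:", report["only_removes"])
    print("dropped by the modifier:", report["removed"] or "nothing (already absent)")
    print("RC4 suites still enabled:", report["leaked"] or "none")
    print("SSLv3 refused:", refuses_sslv3(client_context(["RC4"])))
```

On an OpenSSL build whose DEFAULT no longer contains RC4, the modifier drops nothing, which is the property the reply describes: the application inherits the library's updated default and the subtraction stays harmless.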