On Jul 5, 2013, at 12:01 AM, Jacob Appelbaum <ja...@appelbaum.net> wrote:
> Nadim Kobeissi:
>>
>> On 2013-07-05, at 3:15 AM, Jacob Appelbaum <ja...@appelbaum.net> wrote:
>>
>>> Nadim Kobeissi:
>>>> Hello everyone,
>>>> I urge you to read our response at the Cryptocat Development Blog, which
>>>> strongly clarifies the situation:
>>>>
>>>> https://blog.crypto.cat/2013/07/new-critical-vulnerability-in-cryptocat-details/
>>>
>>> Has there been a rotation of the certificate and keying material for all
>>> services that serve CryptoCat chat traffic?
>>
>> Rest assured we're working on it as an extra precaution (as mentioned in the
>> blog post). Also, our services use SSL forward secrecy.
>
> I'm not really assured and I think I should clarify something that is
> perhaps slipping past like a ship in the night. I went to crypto.cat in
> Chrome only to find myself not connected in a forward secure manner.
>
> According to ssllabs[0], CryptoCat supports some odd SSL/TLS configurations:
>
> Protocols
> TLS 1.2    Yes
> TLS 1.1    No
> TLS 1.0    No
> SSL 3.0    Yes
> SSL 2.0    No
>
> Furthermore - it appears that CryptoCat supports
> SSL_RSA_WITH_RC4_128_SHA, as well as other non-forward secure modes. Is
> there really any reason to support such a mode with 3DES in 2013 for
> this kind of service?
>
> Also, I'm not sure if this is obvious but it appears that many users may
> be using SSL 3.0:
>
> Chrome 27             SSL 3    TLS_ECDHE_RSA_WITH_RC4_128_SHA (0xc011)      Forward Secrecy  128
> Firefox 21            SSL 3    TLS_ECDHE_RSA_WITH_RC4_128_SHA (0xc011)      Forward Secrecy  128
> Internet Explorer 10  SSL 3    TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013)  Forward Secrecy  128
> Safari iOS 6.0.1      TLS 1.2  TLS_ECDHE_RSA_WITH_RC4_128_SHA (0xc011)      Forward Secrecy  128
> Safari 5.1.9          SSL 3    TLS_ECDHE_RSA_WITH_RC4_128_SHA (0xc011)      Forward Secrecy  128
>
> RC4 is not my favorite choice when all the other crypto has failed.
>
> Do you know how many users are impacted? How many users are actually
> choosing the forward secret protocols?
>
> All the best,
> Jacob
>
> [0] https://www.ssllabs.com/ssltest/analyze.html?d=crypto.cat
> _______________________________________________
> cryptography mailing list
> cryptography@randombit.net
> http://lists.randombit.net/mailman/listinfo/cryptography
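
An added example, not part of the original thread: a small audit that parses cipher suite names like those in the quoted handshake list and flags the concerns the message raises (SSL protocol versions, RC4, 3DES, no forward secrecy). The function names and finding labels are assumptions made for illustration, and the last sample row is constructed.

```python
import re

# Rows transcribed from the handshake list quoted in the message above:
# (client, protocol, suite). The last row is constructed for illustration: a
# hypothetical client that lands on the static-RSA suite the message names.
ROWS = [
    ("Chrome 27", "SSL 3", "TLS_ECDHE_RSA_WITH_RC4_128_SHA"),
    ("Firefox 21", "SSL 3", "TLS_ECDHE_RSA_WITH_RC4_128_SHA"),
    ("Internet Explorer 10", "SSL 3", "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"),
    ("Safari iOS 6.0.1", "TLS 1.2", "TLS_ECDHE_RSA_WITH_RC4_128_SHA"),
    ("Safari 5.1.9", "SSL 3", "TLS_ECDHE_RSA_WITH_RC4_128_SHA"),
    ("legacy client (constructed)", "SSL 3", "SSL_RSA_WITH_RC4_128_SHA"),
]

# <TLS|SSL>_<key exchange[_auth]>_WITH_<cipher>_<MAC or PRF hash>
SUITE_RE = re.compile(r"^(?:TLS|SSL)_(?P<kx>.+?)_WITH_(?P<cipher>.+)_(?P<mac>[A-Z0-9]+)$")
FORWARD_SECRET_KEX = {"DHE", "ECDHE"}  # ephemeral Diffie-Hellman key exchanges

def parse_suite(name):
    """Split an IANA-style suite name into its components."""
    m = SUITE_RE.match(name)
    if m is None:
        raise ValueError(f"unrecognised cipher suite name: {name!r}")
    kx = m["kx"].split("_")
    # Static RSA names one algorithm for both key exchange and authentication.
    return {"kex": kx[0], "auth": kx[-1], "cipher": m["cipher"], "mac": m["mac"]}

def findings(protocol, suite):
    """Return the concerns raised in the thread that apply to one handshake."""
    parts = parse_suite(suite)
    out = []
    if protocol.upper().startswith("SSL"):
        out.append("legacy-protocol")
    if parts["kex"] not in FORWARD_SECRET_KEX:
        out.append("no-forward-secrecy")
    if parts["cipher"].startswith("RC4"):
        out.append("rc4")
    if parts["cipher"].startswith("3DES"):
        out.append("3des")
    return out

def audit(rows):
    """Map each client to its list of findings."""
    return {client: findings(proto, suite) for client, proto, suite in rows}

if __name__ == "__main__":
    for client, issues in audit(ROWS).items():
        print(f"{client:30} {', '.join(issues) or 'ok'}")
```

The result is per client profile, so it shows which simulated clients negotiate a forward-secret suite, not how many real users do.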