On 2009-11-30 20:26 PST, Eddy Nigg wrote: > On 11/30/2009 11:47 PM, Kyle Hamilton: >> Twitter was breached. Before they disabled renegotiation on their >> servers, the status message POST update was POST [...], and then their >> Basic-encoded username and password. Someone injected prior bytes >> before allowing the renegotiation, and every time someone was >> intercepted, that someone's status message changed to a whole bunch of >> usernames and passwords. >> > > Which was a clear failure on the application level, not SSL...the > renegotiation just made it work easily. > > I claim that a correctly handled application is not subject to this kind > of attacks.
It depends on a number of factors, including the capabilities of the particular SSL library and its API that you're using. Some SSL libraries handle renegotiation for the application automatically, without the application's knowledge or participation, and without giving those apps any way to disable it. Those apps have no defense. -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto