Gervase Markham <[EMAIL PROTECTED]> writes:
>Kikx wrote:
>> Yes ...
>> but there are still 2 solutions
>> - A very big warning if we speak in SSL3 and the answer came in SSL2
>SSL3 has a mechanism for detecting an attacker attempting to downgrade a
>connection between two SSL3 endpoints to SSL2 in order to MITM it, if
>that's what you mean.

However for TLS Microsoft got their implementation of this wrong (it's still
wrong in the latest versions of MSIE, last time I checked), so all other
implementations don't use it in order to work with MSIE/IIS:

  /* Microsoft braindamage, even the latest versions of MSIE still send
     the wrong version number for the premaster secret (making it look
     like a rollback attack), so if we're expecting 3.1 and get 3.0, it's
     MSIE screwing up */

Reminds me of the scene from "Asterix in Egypt" where the sphinx souvenir
sellers are busy chiselling the noses off their statues, because it's more
important to be conformant than correct.

Peter.
_______________________________________________
Mozilla-security mailing list
http://mail.mozilla.org/listinfo/mozilla-security
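
Added example, not part of the original message and not code from the implementation whose comment is quoted in it: a sketch of the premaster-secret version check under discussion, in a strict form and with the compatibility exception the comment describes. The function names, the result enum and the sample bytes are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PREMASTER_LEN 48  /* 2 version bytes followed by 46 random bytes */

enum pms_result { PMS_OK, PMS_OK_TOLERATED, PMS_BAD_LENGTH, PMS_ROLLBACK };

/* Hypothetical helper: compare the version embedded in a decrypted RSA
   premaster secret with the version the client offered in its hello.
   tolerate_buggy_peer enables the exception the quoted comment describes:
   3.1 expected, 3.0 received. */
enum pms_result check_premaster_version(const uint8_t *pms, size_t len,
                                        uint8_t offered_major,
                                        uint8_t offered_minor,
                                        int tolerate_buggy_peer)
{
    if (pms == NULL || len != PREMASTER_LEN)
        return PMS_BAD_LENGTH;
    if (pms[0] == offered_major && pms[1] == offered_minor)
        return PMS_OK;
    /* With the exception enabled, a genuine 3.1 -> 3.0 rollback is
       indistinguishable from the buggy peer, so this case goes undetected. */
    if (tolerate_buggy_peer && offered_major == 3 && offered_minor == 1 &&
        pms[0] == 3 && pms[1] == 0)
        return PMS_OK_TOLERATED;
    return PMS_ROLLBACK;
}

/* Constructed sample: fixed filler stands in for the 46 random bytes. */
void make_sample_pms(uint8_t out[PREMASTER_LEN], uint8_t major, uint8_t minor)
{
    memset(out, 0xA5, PREMASTER_LEN);
    out[0] = major;
    out[1] = minor;
}

int main(void)
{
    uint8_t pms[PREMASTER_LEN];
    make_sample_pms(pms, 3, 0);  /* peer embedded 3.0, client offered 3.1 */
    printf("strict:  %d\n", check_premaster_version(pms, sizeof pms, 3, 1, 0));
    printf("lenient: %d\n", check_premaster_version(pms, sizeof pms, 3, 1, 1));
    return 0;
}
```

In a real server the outcome of this check must not be observable to the peer; TLS 1.2 (RFC 5246, section 7.4.7.1) advises continuing the handshake with a random premaster secret rather than sending a distinct alert.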