On 17/10/2014 16:37, dol o wrote:
Dear Devs,
Here is the blogpost of the HTTPS breakdown:
http://www.moserware.com/2009/06/first-few-milliseconds-of-https.html
From what I understand, the Client hello is the first part of the ssl
handshake that is not encrypted/HMAC’d
According to https://www.openssl.org/~bodo/ssl-poodle.pdf
<https://www.openssl.org/%7Ebodo/ssl-poodle.pdf>they recommend that
clients (Client Hello) send the value 0x56, 0x00 (TLS_FALLBACK_SCSV)
and the servers should accept the value 0x56, 0x00 (TLS_FALLBACK_SCSV)
but this is stuff is transmitted over plaintext which can potentially
be modified by an attacker. Can the vulnerable SSL connection still
occur with the removal of the TLS_FALLBACK value set from the client.
Let me know what you think when you get a chance.
No, while not encrypted, the Client Hello message will be
signed/hashed later in the handshake, ensuring that the connection
will fail if it is modified, otherwise much worse could be done
(such as removing all the strong ciphers from that same list, thus
causing 40 bit encryption).
Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. http://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded