Re: mac os x safari ssl cipher suite
-- Joe Cooley wrote:
> Safari only seems to support DES, 3DES, and RC4
> ciphers. My question is this: should I be concerned
> about privacy when *_RC4_* is the negotiated suite,

Nothing wrong with RC4, when used correctly. Using it correctly turned out to be harder than we originally thought - but SSL does use it correctly.

    --digsig
         James A. Donald
     6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
     8PORO+zKpxIcfbxPbIn6QJCWObzpBeAHXq1ayeRH
     4Xom0un81cmvTp/yhXOteppnRKtloRB7itr3E2ASz

-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Re: mac os x safari ssl cipher suite
On Aug 11, 2006, at 10:26 AM, Joe Cooley wrote:

> I recently inspected ssl packets from the following apps:
>
> firefox 1.5.0.6
> safari 2.0.4 (419.3)
> curl 7.15.4 with OpenSSL/0.9.7i
>
> I found that they list the following cipher suites during the client hello handshake protocol:
>
> (snippets from ethereal -V output...)
>
> Safari only seems to support DES, 3DES, and RC4 ciphers. My question is this: should I be concerned about privacy when *_RC4_* is the negotiated suite, i.e., in my tests, safari used TLS_RSA_WITH_RC4_128_SHA? Firefox and curl used TLS_DHE_RSA_WITH_AES_256_CBC_SHA.

RC4 when used correctly (which I believe it is in TLS) should not concern you much. What should concern you, however, is that Apple has chosen to include a testing/debug NULL cipher in their production (and completely unmodifiable w/o recompiling System.framework) cipherlist:

    Cipher Suite: TLS_RSA_WITH_NULL_MD5 (0x0001)

This means that a malicious server can negotiate Safari into using no encryption at all, while still providing all the GUI feedback of a secure SSL connection...

For fun, fire off this command and visit localhost:4433 from both firefox and safari, and look at the packet dumps in ethereal (use any snakeoil server.* you have handy):

    /usr/local/bin/openssl s_server -cert server.crt -key server.key -www -cipher 'AES:TLSv1:ALL:NULL:!RC4-SHA:!RC4-MD5:!DES-CBC3-SHA:!DES-CBC-SHA:!EXP-RC4-MD5:!EXP-DES-CBC-SHA:!EXP-RC2-CBC-MD5'

I filed a bug with Apple on this back in February, I encourage others to do so as well at http://radar.apple.com. Ask them to include the AES ciphers while you're at it, it's only been 5 years or so since it was standardized...

Thanks,
Eric

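An added example, not part of the original messages: a client-side audit that pulls the offered cipher suites out of a ClientHello and reports the ones that give up encryption, server authentication or key strength, which is the check the NULL-suite concern above calls for. It assumes a single-record SSLv3/TLS ClientHello (not the SSLv2-format hello); the sample record is constructed, and the suite table is a subset of the IDs listed in this thread.

```python
import struct

# Names and IDs copied from the ethereal listings in this thread (subset).
SUITES = {
    0x0001: "TLS_RSA_WITH_NULL_MD5",
    0x0003: "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
    0x0005: "TLS_RSA_WITH_RC4_128_SHA",
    0x0009: "TLS_RSA_WITH_DES_CBC_SHA",
    0x000a: "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
    0x0018: "TLS_DH_anon_WITH_RC4_128_MD5",
    0x0039: "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
}
# Substring of the suite name -> why a client should not offer it.
FLAGS = {"_NULL_": "no encryption", "_anon_": "no server authentication",
         "EXPORT": "export-grade key", "_WITH_DES_CBC_": "single DES"}

def offered_suites(record):
    """Return the cipher suite IDs offered in one ClientHello record."""
    if len(record) < 5 or record[0] != 0x16:
        raise ValueError("not a TLS handshake record")
    hs = record[5:5 + struct.unpack_from("!H", record, 3)[0]]
    # 4-byte handshake header + client_version(2) + random(32) + sid length(1)
    if len(hs) < 39 or hs[0] != 0x01:
        raise ValueError("not a ClientHello")
    pos = 39 + hs[38]                      # skip session_id
    if pos + 2 > len(hs):
        raise ValueError("truncated ClientHello")
    (n,) = struct.unpack_from("!H", hs, pos)
    pos += 2
    if n % 2 or pos + n > len(hs):
        raise ValueError("bad cipher_suites length")
    return [struct.unpack_from("!H", hs, pos + i)[0] for i in range(0, n, 2)]

def audit(record):
    """Map each risky offered suite to the reasons it is risky."""
    report = {}
    for sid in offered_suites(record):
        name = SUITES.get(sid, "Unknown (0x%04x)" % sid)
        reasons = [why for tag, why in FLAGS.items() if tag in name]
        if reasons:
            report[name] = reasons
    return report

def build_client_hello(suite_ids):
    """Constructed sample input: a minimal TLS 1.0 ClientHello record."""
    suites = b"".join(struct.pack("!H", s) for s in suite_ids)
    body = (b"\x03\x01" + bytes(32) + b"\x00"
            + struct.pack("!H", len(suites)) + suites + b"\x01\x00")
    hs = b"\x01" + struct.pack("!I", len(body))[1:] + body
    return b"\x16\x03\x01" + struct.pack("!H", len(hs)) + hs

SAFARI_LIKE = build_client_hello([0x0005, 0x000a, 0xff83, 0x0009, 0x0003, 0x0001, 0x0018])
```

Calling audit(SAFARI_LIKE) reports the NULL, anon, export and single-DES suites and leaves the RC4-128, 3DES and unknown private-range entries unflagged.
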
mac os x safari ssl cipher suite
I recently inspected ssl packets from the following apps:

  firefox 1.5.0.6
  safari 2.0.4 (419.3)
  curl 7.15.4 with OpenSSL/0.9.7i

I found that they list the following cipher suites during the client hello handshake protocol:

(snippets from ethereal -V output...)

safari (22):

  Cipher Suite: TLS_RSA_WITH_RC4_128_SHA (0x0005)
  Cipher Suite: TLS_RSA_WITH_RC4_128_MD5 (0x0004)
  Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a)
  Cipher Suite: Unknown (0xff83)
  Cipher Suite: TLS_RSA_WITH_DES_CBC_SHA (0x0009)
  Cipher Suite: Unknown (0xff82)
  Cipher Suite: TLS_RSA_EXPORT_WITH_RC4_40_MD5 (0x0003)
  Cipher Suite: TLS_RSA_EXPORT_WITH_DES40_CBC_SHA (0x0008)
  Cipher Suite: TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 (0x0006)
  Cipher Suite: Unknown (0xff80)
  Cipher Suite: TLS_RSA_WITH_NULL_MD5 (0x0001)
  Cipher Suite: TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x0016)
  Cipher Suite: TLS_DHE_RSA_WITH_DES_CBC_SHA (0x0015)
  Cipher Suite: TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA (0x0014)
  Cipher Suite: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA (0x0013)
  Cipher Suite: TLS_DHE_DSS_WITH_DES_CBC_SHA (0x0012)
  Cipher Suite: TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA (0x0011)
  Cipher Suite: TLS_DH_anon_WITH_RC4_128_MD5 (0x0018)
  Cipher Suite: TLS_DH_anon_WITH_3DES_EDE_CBC_SHA (0x001b)
  Cipher Suite: TLS_DH_anon_WITH_DES_CBC_SHA (0x001a)
  Cipher Suite: TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 (0x0017)
  Cipher Suite: TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA (0x0019)

firefox (20):

  Cipher Suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x0039)
  Cipher Suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA (0x0038)
  Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035)
  Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x0033)
  Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA (0x0032)
  Cipher Suite: TLS_RSA_WITH_RC4_128_MD5 (0x0004)
  Cipher Suite: TLS_RSA_WITH_RC4_128_SHA (0x0005)
  Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)
  Cipher Suite: TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x0016)
  Cipher Suite: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA (0x0013)
  Cipher Suite: SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA (0xfeff)
  Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a)
  Cipher Suite: TLS_DHE_RSA_WITH_DES_CBC_SHA (0x0015)
  Cipher Suite: TLS_DHE_DSS_WITH_DES_CBC_SHA (0x0012)
  Cipher Suite: SSL_RSA_FIPS_WITH_DES_CBC_SHA (0xfefe)
  Cipher Suite: TLS_RSA_WITH_DES_CBC_SHA (0x0009)
  Cipher Suite: TLS_RSA_EXPORT1024_WITH_RC4_56_SHA (0x0064)
  Cipher Suite: TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA (0x0062)
  Cipher Suite: TLS_RSA_EXPORT_WITH_RC4_40_MD5 (0x0003)
  Cipher Suite: TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 (0x0006)

curl (33):

  Cipher Spec: TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x39)
  Cipher Spec: TLS_DHE_DSS_WITH_AES_256_CBC_SHA (0x38)
  Cipher Spec: TLS_RSA_WITH_AES_256_CBC_SHA (0x35)
  Cipher Spec: TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x16)
  Cipher Spec: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA (0x13)
  Cipher Spec: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x0a)
  Cipher Spec: SSL2_DES_192_EDE3_CBC_WITH_MD5 (0x0700c0)
  Cipher Spec: TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x33)
  Cipher Spec: TLS_DHE_DSS_WITH_AES_128_CBC_SHA (0x32)
  Cipher Spec: TLS_RSA_WITH_AES_128_CBC_SHA (0x2f)
  Cipher Spec: SSL2_RC2_CBC_128_CBC_WITH_MD5 (0x030080)
  Cipher Spec: TLS_DHE_DSS_WITH_RC4_128_SHA (0x66)
  Cipher Spec: TLS_RSA_WITH_RC4_128_SHA (0x05)
  Cipher Spec: TLS_RSA_WITH_RC4_128_MD5 (0x04)
  Cipher Spec: SSL2_RC4_128_WITH_MD5 (0x010080)
  Cipher Spec: SSL2_RC4_64_WITH_MD5 (0x080080)
  Cipher Spec: TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA (0x63)
  Cipher Spec: TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA (0x62)
  Cipher Spec: TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 (0x61)
  Cipher Spec: TLS_DHE_RSA_WITH_DES_CBC_SHA (0x15)
  Cipher Spec: TLS_DHE_DSS_WITH_DES_CBC_SHA (0x12)
  Cipher Spec: TLS_RSA_WITH_DES_CBC_SHA (0x09)
  Cipher Spec: SSL2_DES_64_CBC_WITH_MD5 (0x060040)
  Cipher Spec: TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA (0x65)
  Cipher Spec: TLS_RSA_EXPORT1024_WITH_RC4_56_SHA (0x64)
  Cipher Spec: TLS_RSA_EXPORT1024_WITH_RC4_56_MD5 (0x60)
  Cipher Spec: TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA (0x14)
  Cipher Spec: TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA (0x11)
  Cipher Spec: TLS_RSA_EXPORT_WITH_DES40_CBC_SHA (0x08)
  Cipher Spec: TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 (0x06)
  Cipher Spec: SSL2_RC2_CBC_128_CBC_WITH_MD5 (0x040080)
  Cipher Spec: TLS_RSA_EXPORT_WITH_RC4_40_MD5 (0x03)
  Cipher Spec: SSL2_RC4_128_EXPORT40_WITH_MD5 (0x020080)

Safari only seems to support DES, 3DES, and RC4 ciphers. My question is this: should I be concerned about privacy when *_RC4_* is the negotiated suite, i.e., in my tests, safari used TLS_RSA_WITH_RC4_128_SHA? Firefox and curl used TLS_DHE_RSA_WITH_AES_256_CBC_SHA.

Thanks,
Joe