Re: Re: CVE-2009-3555 not addressed in OpenSSL

2010-09-23 Thread Marsh Ray



Anyway, the proper fix would be to backport the RFC5746 changes.


Yes.

Now, what's the argument for not doing it properly? :-)


But the other end will also require that support for it to work.


Not long ago, this was a chicken-and-egg problem with the clients and 
servers. But at this point most other vendors have patched to add RFC 
5746 support:


https://bugzilla.redhat.com/show_bug.cgi?id=588181#c3

http://www.opera.com/docs/changelogs/windows/1050/

https://developer.mozilla.org/NSS_3.12.6_release_notes
https://bugzilla.mozilla.org/show_bug.cgi?id=545755

http://code.google.com/p/chromium/issues/detail?id=38082#c9

http://www.microsoft.com/technet/security/bulletin/ms10-049.mspx
http://support.microsoft.com/kb/980436

https://lists.ubuntu.com/archives/ubuntu-security-announce/2010-September/001164.html

and so on...

Debian is unfortunately lagging conspicuously here. Yes, behind MS.


You're probably better off avoiding renegotiation.


There are a couple of subtle limitations of this logic:

* Some people need renegotiation. They aren't particularly many, and 
they aren't particularly vocal, but if you need it, you really need it.


* There is absolutely no way for the client to tell if the server is 
performing an unsafe renegotiation at the time the client is expected to 
hand over his session cookie (and/or sign with his client cert). Unless, 
of course, he has successfully negotiated the use of RFC 5746; then he can 
be confident that continuing the connection is safe.


Eventually client apps will refuse to talk to servers that don't support 
RFC 5746 just as today they refuse to talk SSLv2. Browsers are starting 
to warn about it today:

https://support.mozilla.com/en-US/questions/746438

By not supporting RFC 5746 on the server side, even if the server knows 
that it will never renegotiate, it prolongs for everyone the delay until 
clients can stop making potentially insecure connections. In this sense, 
it is a shared ecosystem problem.


As a long-term Debian user myself, I appeal to Debian's sense of 
enlightened self-interest and urge that RFC 5746 support be backported 
to stable.


Regards,

- Marsh


--
To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/4c9b95a7.9080...@extendedsubset.com



Re: Re: CVE-2009-3555 not addressed in OpenSSL

2010-09-09 Thread Kyle Bader
I saw the security tag on bug #555829, I meant that the package page
should reflect the current security situation:

http://packages.debian.org/lenny/openssl

Shouldn't it show a [security] tag similar to:

http://packages.debian.org/lenny/couchdb

-- 

Kyle Bader


-- 
Archive: http://lists.debian.org/20100909103658.66781...@cerebrum



Re: Re: CVE-2009-3555 not addressed in OpenSSL

2010-09-09 Thread Kurt Roeckx
On Thu, Sep 09, 2010 at 10:36:58AM -0700, Kyle Bader wrote:
> I saw the security tag on bug #555829, I meant that the package page
> should reflect the current security situation:
>
> http://packages.debian.org/lenny/openssl
>
> Shouldn't it show a [security] tag similar to:
>
> http://packages.debian.org/lenny/couchdb

As far as I can tell, that means that the version it's telling you
about is part of the security archive and not yet part of a stable
release.


Kurt


-- 
Archive: http://lists.debian.org/20100909175719.ga20...@roeckx.be



Re: Re: Re: CVE-2009-3555 not addressed in OpenSSL

2010-09-09 Thread Kyle Bader
> > I saw the security tag on bug #555829, I meant that the package page
> > should reflect the current security situation:
> >
> > http://packages.debian.org/lenny/openssl
> >
> > Shouldn't it show a [security] tag similar to:
> >
> > http://packages.debian.org/lenny/couchdb
>
> As far as I can tell, that means that the version it's telling you
> about is part of the security archive and not yet part of a stable
> release.

Yes, that does seem to be the case. I was wrongfully under the
impression that there was an easy way to see the security status of a
package from that page.

-- 

Kyle Bader


-- 
Archive: http://lists.debian.org/20100909112659.42303...@cerebrum