Re: SSL_MODE_SEND_FALLBACK_SCSV option

2014-10-27 Thread Richard Könning
Am 24.10.2014 23:16, schrieb David Li: On Fri, Oct 24, 2014 at 1:28 PM, Richard Könning mailto:richard.koenn...@ts.fujitsu.com>> wrote: Am 24.10.2014 20:47, schrieb David Li: On Fri, Oct 24, 2014 at 11:18 AM, Richard Könning mailto:richard.koenn...@ts.fujitsu.com>

Re: SSL_MODE_SEND_FALLBACK_SCSV option

2014-10-26 Thread Aditya Kumar
Thanks Florian, Jakob, Matt and everyone else. You guys are fascinating. Its a rocking community. Thanks again for your excellent support and taking pain to answer my repeated questions. On Mon, Oct 27, 2014 at 1:04 AM, Florian Weimer wrote: > * Aditya Kumar: > > > Suppose, the Server is patched

Re: SSL_MODE_SEND_FALLBACK_SCSV option

2014-10-26 Thread Florian Weimer
* Aditya Kumar: > Suppose, the Server is patched with the FALLBACK flag and its protocol is > set to TLSV1/SSLV23(with TLSV1 as the highest protocol) and then client > tries to connect to Server in TLSV1 and sets FALLBACK flag before > initiating communication with Server. Will the client be able

Re: SSL_MODE_SEND_FALLBACK_SCSV option

2014-10-26 Thread Aditya Kumar
Thanks Jakob and everyone for their prompt replies. My most of the doubts are cleared and I just want to confirm the protocol behavior in one particular scenario. Suppose, the Server is patched with the FALLBACK flag and its protocol is set to TLSV1/SSLV23(with TLSV1 as the highest protocol) and t

Re: SSL_MODE_SEND_FALLBACK_SCSV option

2014-10-24 Thread David Li
On Fri, Oct 24, 2014 at 1:28 PM, Richard Könning < richard.koenn...@ts.fujitsu.com> wrote: > Am 24.10.2014 20:47, schrieb David Li: > >> >> >> On Fri, Oct 24, 2014 at 11:18 AM, Richard Könning >> > > wrote: >> >> At 24.10.2014 19:03, David Li wrote: >> >

Re: SSL_MODE_SEND_FALLBACK_SCSV option

2014-10-24 Thread Matt Caswell
On 24/10/14 21:28, Richard Könning wrote: > SSLv3 alone is vulnerable. When you decide that this vulnerability is so > large that you don't want to use SSLv3 in any case than life is easy: > deactivate the usage of SSLv3 in all clients and servers and you have > not to think about fall back to SS

Re: SSL_MODE_SEND_FALLBACK_SCSV option

2014-10-24 Thread Richard Könning
Am 24.10.2014 20:47, schrieb David Li: On Fri, Oct 24, 2014 at 11:18 AM, Richard Könning mailto:richard.koenn...@ts.fujitsu.com>> wrote: At 24.10.2014 19:03, David Li wrote: I am still a little unclear by what exactly TLS_FALLBACK_SCSV option would do. What if the

Re: SSL_MODE_SEND_FALLBACK_SCSV option

2014-10-24 Thread David Li
On Fri, Oct 24, 2014 at 11:18 AM, Richard Könning < richard.koenn...@ts.fujitsu.com> wrote: > At 24.10.2014 19:03, David Li wrote: > >> I am still a little unclear by what exactly TLS_FALLBACK_SCSV option >> would do. >> >> What if the server only supports SSLv3 + TLSv1 and client only connects >

Re: SSL_MODE_SEND_FALLBACK_SCSV option

2014-10-24 Thread Richard Könning
At 24.10.2014 19:03, David Li wrote: I am still a little unclear by what exactly TLS_FALLBACK_SCSV option would do. What if the server only supports SSLv3 + TLSv1 and client only connects with SSLv3? Without the patch, both would agree to SSLv3. So this is a problem. Where is the problem? Whe

Re: SSL_MODE_SEND_FALLBACK_SCSV option

2014-10-24 Thread David Li
I am still a little unclear by what exactly TLS_FALLBACK_SCSV option would do. What if the server only supports SSLv3 + TLSv1 and client only connects with SSLv3? Without the patch, both would agree to SSLv3. So this is a problem. What happens with the patch only on the server? And what happens

Re: SSL_MODE_SEND_FALLBACK_SCSV option

2014-10-24 Thread Jakob Bohm
On 24/10/2014 18:19, Aditya Kumar wrote: Thanks Jakob for correcting my understanding. In short, can I conclude the following about FALLBACK flag. 1. Whenever client is sending the FALLBACK flag in its request, an updated Server will interpret it that this client supports a higher version but

Re: SSL_MODE_SEND_FALLBACK_SCSV option

2014-10-24 Thread Aditya Kumar
Thanks Jakob for correcting my understanding. In short, can I conclude the following about FALLBACK flag. 1. Whenever client is sending the FALLBACK flag in its request, an updated Server will interpret it that this client supports a higher version but since that higher version protocol request wa

Re: SSL_MODE_SEND_FALLBACK_SCSV option

2014-10-24 Thread Jakob Bohm
On 24/10/2014 13:33, Aditya Kumar wrote: Hi All, Thanks for your detailed responses, specially Florian Weimer and Matt Caswell. For the benefit of everyone and me, I am summarizing the thoughts which I have understood through all your replies. Please correct me wherever I am wrong. To summa

Re: SSL_MODE_SEND_FALLBACK_SCSV option

2014-10-24 Thread Aditya Kumar
Hi All, Thanks for your detailed responses, specially Florian Weimer and Matt Caswell. For the benefit of everyone and me, I am summarizing the thoughts which I have understood through all your replies. Please correct me wherever I am wrong. To summarize: 1. Best way to prevent POODLE atta

Re: SSL_MODE_SEND_FALLBACK_SCSV option

2014-10-22 Thread Jakob Bohm
On 21/10/2014 16:05, Florian Weimer wrote: * Jakob Bohm: The purpose of the option is to make totally broken applications a bit less secure (when they happen to certain servers). From my I meant “a bit less insecure”, as Bodo pointed out. OK, point already taken. point of view, there is o

Re: SSL_MODE_SEND_FALLBACK_SCSV option

2014-10-21 Thread Florian Weimer
* Jakob Bohm: >> The purpose of the option is to make totally broken applications a >> bit less secure (when they happen to certain servers). From my I meant “a bit less insecure”, as Bodo pointed out. >> point of view, there is only one really good reason to have this >> client-side option—so

Re: SSL_MODE_SEND_FALLBACK_SCSV option

2014-10-21 Thread Bodo Moeller
Florian Weimer : The purpose of the option is to make totally broken applications a bit less > secure (when they happen to certain servers). I'd claim it's meant to make totally broken applications a bit *more* secure :-) > From my point of view, there is only one really good reason to have th

Re: SSL_MODE_SEND_FALLBACK_SCSV option

2014-10-21 Thread Jakob Bohm
On 21/10/2014 07:50, Florian Weimer wrote: On 10/20/2014 10:10 PM, Nou Dadoun wrote: Well I think I'm completely confused about this option now; "always when you fall back" seems to suggest that falling back is an application level operation (as opposed to openssl-implemented behaviour), is it

Re: SSL_MODE_SEND_FALLBACK_SCSV option

2014-10-20 Thread Florian Weimer
On 10/20/2014 10:10 PM, Nou Dadoun wrote: Well I think I'm completely confused about this option now; "always when you fall back" seems to suggest that falling back is an application level operation (as opposed to openssl-implemented behaviour), is it? i.e. is the onus on the client applicat

RE: SSL_MODE_SEND_FALLBACK_SCSV option

2014-10-20 Thread Nou Dadoun
: SSL_MODE_SEND_FALLBACK_SCSV option On 20/10/14 21:10, Nou Dadoun wrote: > Well I think I'm completely confused about this option now; "always when you > fall back" seems to suggest that falling back is an application level > operation (as opposed to openssl-implemented behaviour), is it? i.

Re: SSL_MODE_SEND_FALLBACK_SCSV option

2014-10-20 Thread Matt Caswell
On 20/10/14 21:10, Nou Dadoun wrote: > Well I think I'm completely confused about this option now; "always when you > fall back" seems to suggest that falling back is an application level > operation (as opposed to openssl-implemented behaviour), is it? i.e. is the > onus on the client appli

RE: SSL_MODE_SEND_FALLBACK_SCSV option

2014-10-20 Thread Salz, Rich
> Well I think I'm completely confused about this option now; "always when > you fall back" seems to suggest that falling back is an application level > operation (as opposed to openssl-implemented behaviour), is it? i.e. is the > onus on the client application to retry with a lower version if i

RE: SSL_MODE_SEND_FALLBACK_SCSV option

2014-10-20 Thread Nou Dadoun
0-14 11:49 AM To: openssl-users@openssl.org Subject: RE: SSL_MODE_SEND_FALLBACK_SCSV option When I said "always" I meant "always when you fall back" I was being too terse and not clear enough. Hope this helps. -- Principal Security Engineer, Akamai Technologies IM: rs...@

RE: SSL_MODE_SEND_FALLBACK_SCSV option

2014-10-20 Thread Salz, Rich
@openssl.org [mailto:owner-openssl- > us...@openssl.org] On Behalf Of Nou Dadoun > Sent: Monday, October 20, 2014 7:08 PM > To: openssl-users@openssl.org > Subject: RE: SSL_MODE_SEND_FALLBACK_SCSV option > > This is the first time I've seen this point of view expressed but it

RE: SSL_MODE_SEND_FALLBACK_SCSV option

2014-10-20 Thread Nou Dadoun
This is the first time I've seen this point of view expressed but it does make evident sense - after all, the whole idea of falling back is to find a mutually acceptable version. However it conflicts with some of the previous advice I've seen on the list which recommended that SSL_MODE_SEND_FAL

Re: SSL_MODE_SEND_FALLBACK_SCSV option

2014-10-20 Thread Florian Weimer
On 10/20/2014 12:50 PM, Aditya Kumar wrote: 1. Will this updated client set with TLS_FALLBACK will be able to work with un-updated Server(server using older version of OpenSSL where this FALLBACK mode is not set)? No, the behavior of existing OpenSSL applications will not change. OpenSSL will

SSL_MODE_SEND_FALLBACK_SCSV option

2014-10-20 Thread Aditya Kumar
Hi All, I have a question regarding SSL_MODE_SEND_FALLBACK_SCSV introduced in OpenSSL 0.9.8zc as part of a preventive measure for SSL 3.0 POODLE vulnerability. I have client and server applications using OpenSSL for SSL/TLS communication. My question is that what will happen if I update my clien