[gnutls-devel] disabling SSL 3.0 by default in 3.4.0

Peter Williams home_pw at msn.com
Thu Oct 16 00:50:26 CEST 2014

Folks are “Rushing” because, last week, this was not even on the radar - even though the use of standards committees to engineer-in cbc mode oracle attacks has been going on for 20 years. Same goes for the packet drivers and their careful reaction to inbound bit patterns that change the code path taken, that then play the role of the JavaScript “in the latest cbc mode oracle attack”.

And so it continues (in this or other guise). Strange that folks just WON'T handshake, at the end of APDU exchange (since it has so little cost, 20 years on).

Don't really know what to recommend, when the “trustworthy” technical standards forums (IETF) or their review processes (IESG) are themselves fundamentally untrustworthy, in any crypto matter. Everyone knows US delegation to ISO/ITU-T was always an arm of dept of state (and woe betide anyone's expenses payment, if you stepped out of line…)

I asked Steve Kent once, exempting a French official report on the crash of a Russian jet at an air show (due to French spying) - why the report should be trusted - since it was an obvious cover up (and actively misrepresented culpability concerning deaths in the crowd). His answer was - that “official trust” exists to be manipulated - when one is dealing with national security issues. The “investment” in standards was there to project such trust attacks, and engineer a deception-friendly environment, focused on human weakness, consumer or admin (or crypto officer) alike.

Have fun.

Sent from Surface Pro

From: Daniel Kahn Gillmor
Sent: Wednesday, October 15, 2014 3:17 PM
To: Peter Williams, Tim Rühsen, gnutls-devel at gnu.org
Cc: GnuTLS development list

On 10/15/2014 05:40 PM, Peter Williams wrote:
> Some of us still use ssl v2
> Don't rush, like lemmings.

we are well past the time that anyone who removes either sslv2 or sslv3
can be accused of "rushing" -- if you have special use cases that enable
you to privately use custom/non-standard protocols in ways that you
think are secure, that's fine.  No one will prevent you from doing that.

But please don't encourage the use of protocols with known problems on
the public 'net, where people need to interoperate with each other over
a known-hostile network.

