Nadim Kobeissi:
>
> On 2013-07-05, at 3:15 AM, Jacob Appelbaum <ja...@appelbaum.net> wrote:
>
>> Nadim Kobeissi:
>>> Hello everyone,
>>> I urge you to read our response at the Cryptocat Development Blog, which
>>> strongly clarifies the situation:
>>>
>>> https://blog.crypto.cat/2013/07/new-critical-vulnerability-in-cryptocat-details/
>>>
>>
>> Has there been a rotation of the certificate and keying material for all
>> services that serve CryptoCat chat traffic?
>
> Rest assured we're working on it as an extra precaution (as mentioned in the
> blog post). Also, our services use SSL forward secrecy.
>

I'm not really assured and I think I should clarify something that is
perhaps slipping past like a ship in the night.

I went to crypto.cat in Chrome only to find myself not connected in a
forward secure manner.

According to ssllabs[0], CryptoCat supports some odd SSL/TLS configurations:

  Protocols
  TLS 1.2   Yes
  TLS 1.1   No
  TLS 1.0   No
  SSL 3.0   Yes
  SSL 2.0   No

Furthermore - it appears that CryptoCat supports
SSL_RSA_WITH_RC4_128_SHA, as well as other non-forward secure modes.

Is there really any reason to support such a mode with 3DES in 2013 for
this kind of service?

Also, I'm not sure if this is obvious but it appears that many users may
be using SSL 3.0:

  Chrome 27             SSL 3    TLS_ECDHE_RSA_WITH_RC4_128_SHA (0xc011)      Forward Secrecy  128
  Firefox 21            SSL 3    TLS_ECDHE_RSA_WITH_RC4_128_SHA (0xc011)      Forward Secrecy  128
  Internet Explorer 10  SSL 3    TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013)  Forward Secrecy  128
  Safari iOS 6.0.1      TLS 1.2  TLS_ECDHE_RSA_WITH_RC4_128_SHA (0xc011)      Forward Secrecy  128
  Safari 5.1.9          SSL 3    TLS_ECDHE_RSA_WITH_RC4_128_SHA (0xc011)      Forward Secrecy  128

RC4 is not my favorite choice when all the other crypto has failed.

Do you know how many users are impacted? How many users are actually
choosing the forward secret protocols?

All the best,
Jacob

[0] https://www.ssllabs.com/ssltest/analyze.html?d=crypto.cat
_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
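
An added example, not part of the original message or of ssllabs' tooling: a small Python classifier that reads the key exchange and bulk cipher out of the suite names quoted above and tallies the simulated clients, which shows that a forward-secret key exchange can still sit on RC4 and SSL 3. The `|` row separators and all function names are assumptions made for this sketch.

```python
import re

# Handshake-simulation rows quoted in the message above; the "|" separators
# are added here (an assumption) so the rows parse unambiguously.
SIMULATION = """\
Chrome 27 | SSL 3 | TLS_ECDHE_RSA_WITH_RC4_128_SHA
Firefox 21 | SSL 3 | TLS_ECDHE_RSA_WITH_RC4_128_SHA
Internet Explorer 10 | SSL 3 | TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
Safari iOS 6.0.1 | TLS 1.2 | TLS_ECDHE_RSA_WITH_RC4_128_SHA
Safari 5.1.9 | SSL 3 | TLS_ECDHE_RSA_WITH_RC4_128_SHA
"""
SUITE_RE = re.compile(
    r"^(?:TLS|SSL)_(?P<kx>[A-Z0-9_]+?)_WITH_(?P<bulk>[A-Z0-9_]+)_(?P<mac>[A-Z0-9]+)$")
WEAK_BULK = ("RC4", "3DES", "DES", "NULL")
OLD_PROTOCOLS = {"SSL 2", "SSL 2.0", "SSL 3", "SSL 3.0"}

def classify(suite, protocol=None):
    """Return (forward_secret, findings) for one suite name."""
    m = SUITE_RE.match(suite)
    if not m:
        raise ValueError(f"unrecognised suite name: {suite}")
    # Only ephemeral (EC)DH gives forward secrecy; static RSA/DH/ECDH do not.
    forward_secret = m["kx"].split("_")[0] in ("DHE", "ECDHE")
    findings = []
    if not forward_secret:
        findings.append("no forward secrecy")
    if m["bulk"].startswith(WEAK_BULK):
        findings.append("weak bulk cipher " + m["bulk"].split("_")[0])
    if protocol in OLD_PROTOCOLS:
        findings.append("legacy protocol " + protocol)
    return forward_secret, findings

def audit(text):
    """Parse 'client | protocol | suite' rows into per-client results."""
    results = []
    for line in text.strip().splitlines():
        client, protocol, suite = (f.strip() for f in line.split("|"))
        fs, findings = classify(suite, protocol)
        results.append({"client": client, "forward_secret": fs, "findings": findings})
    return results

def summary(results):
    """Count clients per concern raised in the message."""
    has = lambda r, word: any(word in f for f in r["findings"])
    return {"clients": len(results),
            "forward_secret": sum(r["forward_secret"] for r in results),
            "rc4": sum(has(r, "RC4") for r in results),
            "legacy_protocol": sum(has(r, "legacy") for r in results)}

if __name__ == "__main__":
    print(summary(audit(SIMULATION)))
    print(classify("SSL_RSA_WITH_RC4_128_SHA"))  # the non-forward-secure suite named above
```
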