Reviewer: Kathleen Moriarty Review result: Has Issues Greetings!
Sorry for my late review. In reviewing the draft, there are 2 easily resolvable findings. The first is that the term "cross mode" is used and never defined. Tracing back to the reference provided, the closest I could find to "cross mode" was the following text in RFC 9459: "To avoid cross-protocol concerns, implementations MUST NOT use the same keying material with more than one mode. For example, the same keying material must not be used with AES-CTR and AES-CBC." Matching the language or proving a definition would help to resolve this concern. Second, as I was reading the draft, anther security consideration became clear and should be added. An attacker can easily avoid fingerprinting detection or signature detection by rotating the ciphersuite whether it be defined or polymorphic. If programmed to rotate, then the results will look different. Awareness of flexibility in protocols to conduct attacks should be explicitly stated so that OWASP can write up mitigations sooner rather than later when attacks become prevalent. Thank you for addressing the concerns! I did check the has issues, but do think these are very easily addressed. Best regards, Kathleen _______________________________________________ jose mailing list -- [email protected] To unsubscribe send an email to [email protected]
