On 10/16/2014 10:42 PM, Nou Dadoun wrote:
A few short (simple) questions about the use of TLS_FALLBACK_SCSV since
we’re currently upgrading to the latest openssl releases.

We don’t establish sessions with any other products than our own clients
and servers.

We’ve already disabled the use of SSLv3 in both our client and server
releases going forward, is there any advantage in also using
TLS_FALLBACK_SCSV – i.e. will there be any benefit in connecting to our
already deployed clients and servers?

No, there is no benefit from TLS_FALLBACK_SCSV in this context. It only helps clients which bypass the TLS downgrade protection, clients which explicitly disable newer protocol versions which contain the fixes for vulnerabilities discovered in SSL 3.0.

(I actually don’t think that we’re vulnerable to POODLE since we don’t
use anything like encrypted cookies or repeated messages that could be
used to exploit padding changes to “peel off” decoded chunks.  Is there
any other mechanism to exploit this would make us vulnerable?)

You are not vulnerable because SSL 3.0 has been fixed years ago, and OpenSSL automatically applies the relevant protocol fixes (unless you have told the library not to do this). For technical reasons, the protocol version number had to be bumped (this is just the way you fix broken protocols), and for non-technical reasons, we call these protocol fixes TLS 1.0, 1.1, 1.2 instead of SSL 3.1, 3.2, 3.3.

Florian Weimer / Red Hat Product Security
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org

Reply via email to