Re: [Bug-wget] SSL Poodle attack
On Wed, Oct 15, 2014 at 11:57:47AM +0200, Tim Rühsen wrote: (means, the libraries defaults are used, whatever that is). Should we break compatibility and map 'auto' to TLSv1 ? For the security of the users. Please no. Instead of changing each TLS program, one should patch only the TLS library. This is the reason why why have shared libraries. So just report the issue to your vendor, he will fix few TSL implementations he delivers and all application will get fixed automatically. -- Petr pgpt4V8rcL4IP.pgp Description: PGP signature
Re: [Bug-wget] SSL Poodle attack
Am Mittwoch, 15. Oktober 2014, 13:45:18 schrieb Petr Pisar: On Wed, Oct 15, 2014 at 11:57:47AM +0200, Tim Rühsen wrote: (means, the libraries defaults are used, whatever that is). Should we break compatibility and map 'auto' to TLSv1 ? For the security of the users. Please no. Instead of changing each TLS program, one should patch only the TLS library. This is the reason why why have shared libraries. So just report the issue to your vendor, he will fix few TSL implementations he delivers and all application will get fixed automatically. Hi Petr, I tried to make clear that Wget *explicitely* asks for SSLv2 and SSLv3 in the default configuration when compiled with OpenSSL. Whatever the OpenSSL library vendor is doing... it won't affect Wget in this case. So with your attitude, you won't ever be safe ever from Poodle (I guess). And again my question: should we change the default behaviour of future versions of Wget ? With other words: since we know, the library vendor wouldn't help in the above case, what can we do to secure Wget ? Tim signature.asc Description: This is a digitally signed message part.
Re: [Bug-wget] SSL Poodle attack
On 10/15/2014 03:10 PM, Tim Rühsen wrote: I tried to make clear that Wget *explicitely* asks for SSLv2 and SSLv3 in the default configuration when compiled with OpenSSL. Whatever the OpenSSL library vendor is doing... it won't affect Wget in this case. So with your attitude, you won't ever be safe ever from Poodle (I guess). And again my question: should we change the default behaviour of future versions of Wget ? With other words: since we know, the library vendor wouldn't help in the above case, what can we do to secure Wget ? hm, i think Tim is on to something here: by default, wget should use the default ciphersuites and protocol versions selected by the TLS library. Tweaking the default choices in wget itself tends to make wget more brittle than the underlying library. The only way that should work to try to improve security in wget via TLS implementation preference strings is if the preference string is explicitly a minor modification of some system default. This may or may not be possible depending on the preference string syntax of the selected TLS implementation. (e.g. [for OpenSSL] if the system default is always explicitly referenced as DEFAULT and we decide that we never want wget to use RC4, then DEFAULT:-RC4 is a sensible approach, because it allows OpenSSL to update DEFAULT and wget gains those improvements automatically) --dkg signature.asc Description: OpenPGP digital signature
Re: [Bug-wget] SSL Poodle attack
On 10/15/2014 05:37 PM, Daniel Stenberg wrote: On Wed, 15 Oct 2014, Daniel Kahn Gillmor wrote: (e.g. [for OpenSSL] if the system default is always explicitly referenced as DEFAULT and we decide that we never want wget to use RC4, then DEFAULT:-RC4 is a sensible approach, because it allows OpenSSL to update DEFAULT and wget gains those improvements automatically) I disagree. OpenSSL is but a TLS library that provides functionality - and it does so rather conservatively in my view. It does not necessarily set the security standard for what applications should aim for in a good manner. SSL_DEFAULT_CIPHER_LIST for OpenSSL in my debian unstable (== fairly recent version 1.0.1i) says ALL:!aNULL:!eNULL:!SSLv2. That means it allows EXPORT40, EXPORT56 and LOW for example (if I'm not missing something), in addition to RC4. Those are terribly weak ciphers. OpenSSL ciphers list is at https://www.openssl.org/docs/apps/ciphers.html I agree that OpenSSL has traditionally been too conservative. I'm arguing that if we're going to set anything other than the default, we should make our changes as *relative* changes rather than specifying something absolute, so that wget can get any improvements that OpenSSL makes to the default without having to rebuild wget itself. --dkg signature.asc Description: OpenPGP digital signature
Re: [Bug-wget] SSL Poodle attack
On Wed, 15 Oct 2014, Daniel Kahn Gillmor wrote: I agree that OpenSSL has traditionally been too conservative. I'm arguing that if we're going to set anything other than the default, we should make our changes as *relative* changes rather than specifying something absolute, so that wget can get any improvements that OpenSSL makes to the default without having to rebuild wget itself. Ah right, sorry for that detour. This sounds like a sensible approach indeed. -- / daniel.haxx.se
