On Tue, 27 Jan 2009, Jeffrey Hutzelman wrote:
> Interesting. We only saw one case where people had problems due to a client
> with the new configuration trying to talk to a server that only supported CBC
> mode ciphers. We saw many more problems due to servers picking up the new
> configuration and becoming inaccessible to people with clients supporting only
> CBC-mode ciphers. Unfortunately, it's not always realistic to tell those
> people to upgrade their clients; there are a _lot_ of clients which don't
> support other ciphers in any version, and a lot of situations in which
> switching to a different client isn't feasible.
Could you give me an example? All clients I checked had AES-CTR or arcfour support. I'm sure there are some, but I don't believe they would be widely used. The problem for us was that S9 machines were shipped with an explicit Ciphers setting which contained neither AES-CTR nor arcfour, not that the server itself wouldn't support them as such.

From what we saw it should not be a big problem; we will see what reality will bring.

Keeping CBC modes on the server side makes such a server potentially vulnerable without a way to control it: the client is the one that picks the cipher. That's why we think that this step is important from the security point of view.

--
Jan Pechanec
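To make the "the client is the one that picks the cipher" point concrete, here is an added example (not code from this thread, from OpenSSH or from any Solaris package) that models the SSH cipher negotiation rule of RFC 4253 section 7.1 over Ciphers lines: the chosen cipher is the first entry in the client's list that the server also offers, and the server's own ordering plays no part. The ssh_config/sshd_config fragments in it are constructed for the example; they are not the shipped S9 or updated defaults. The run-through shows both failure modes from the thread: a client with an explicit CBC-only Ciphers line gets no match against a server that dropped CBC, and a server that keeps CBC (even listed last) ends up on a CBC cipher whenever the client prefers one.

```python
"""Added illustration of SSH cipher negotiation (RFC 4253 section 7.1).
The configuration lines below are constructed for this example and are not
taken from any shipped sshd_config or ssh_config."""


def parse_ciphers(config_text):
    """Return the name-list from the first active 'Ciphers' directive in
    ssh_config/sshd_config style text, or None if there is none (the
    compiled-in default would then apply)."""
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        if parts[0].lower() == "ciphers" and len(parts) == 2:
            return [c.strip() for c in parts[1].split(",") if c.strip()]
    return None


def negotiate(client_ciphers, server_ciphers):
    """First cipher in the client's list that the server also lists, or
    None when the two lists have nothing in common (the connection then
    fails instead of falling back to anything)."""
    offered = set(server_ciphers)
    for cipher in client_ciphers:
        if cipher in offered:
            return cipher
    return None


def is_cbc(cipher):
    """True for the CBC-mode cipher names OpenSSH uses (aes*-cbc, 3des-cbc,
    blowfish-cbc, cast128-cbc, rijndael-cbc@lysator.liu.se)."""
    return cipher.endswith("-cbc") or cipher.startswith("rijndael-cbc@")


def outcome(client_cfg, server_cfg):
    """Negotiate between two config fragments and report the result as a
    (cipher, mode) pair, where mode is 'cbc', 'non-cbc' or 'no match'."""
    chosen = negotiate(parse_ciphers(client_cfg), parse_ciphers(server_cfg))
    if chosen is None:
        return (None, "no match")
    return (chosen, "cbc" if is_cbc(chosen) else "non-cbc")


# Constructed configurations for the scenarios discussed in the thread.
SERVER_NO_CBC = "Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour128,arcfour256,arcfour\n"
SERVER_KEEPS_CBC = (
    "# CTR listed first, but that does not help: the client's order wins\n"
    "Ciphers aes128-ctr,aes256-ctr,arcfour,aes128-cbc,3des-cbc,blowfish-cbc\n"
)
CLIENT_CBC_ONLY = "Ciphers aes128-cbc,blowfish-cbc,3des-cbc\n"   # explicit CBC-only list
CLIENT_PREFERS_CBC = "Ciphers aes128-cbc,aes128-ctr,3des-cbc\n"  # has CTR, but prefers CBC


if __name__ == "__main__":
    for client_name, client in [("CBC-only client", CLIENT_CBC_ONLY),
                                ("client preferring CBC", CLIENT_PREFERS_CBC)]:
        for server_name, server in [("server without CBC", SERVER_NO_CBC),
                                    ("server keeping CBC", SERVER_KEEPS_CBC)]:
            print(f"{client_name:22} -> {server_name:19}: {outcome(client, server)}")
```

The second client case is the one that matters for the server-side argument: a client that does support AES-CTR but lists a CBC cipher first will still negotiate CBC against any server that keeps CBC enabled, however far down the server puts it. The only server-side control is to remove the CBC names from the list, which is exactly the change that breaks the CBC-only clients in the first case.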