On 1/24/2012 8:41 PM, Evgeniy Khramtsov wrote:
> On 25.01.2012 09:30, Mike Wacker wrote:
>> I saw this in RFC 6120:
>>
>> "To reduce the possibility of a denial-of-service attack, (a) the receiving entity SHOULD NOT close the stream with a <see-other-host/> stream error until after the confidentiality and integrity of the stream have been protected via TLS or an equivalent security layer (such as the SASL GSSAPI mechanism), and (b) the receiving entity MAY have a policy of following redirects only if it has authenticated the receiving entity. In addition, the initiating entity SHOULD abort the connection attempt after a certain number of successive redirects (e.g., at least 2 but no more than 5)."
>>
>> Does anyone have any clarification to this section and the specific DoS threat if TLS (or authentication) does not happen before <see-other-host>?
>
> Indeed, what problem could occur with unauthenticated redirections?

I see; then it would be more so a tampering threat than a DoS threat, no? So basically, I want to know that the server I'm connecting to is legitimate and that my connection is secure before I trust the contents of that redirect from the server.

Also, is there a typo in (b)? It sounds like it should read "(b) the *initiating* entity MAY have a policy of following redirects only if it has authenticated the receiving entity".
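The client-side policy the RFC text above implies, written out as an added example (it is not code from this thread, from RFC 6120, or from any XMPP library): only trust a `<see-other-host/>` once the stream is TLS-protected and the peer is authenticated, refuse loops, and abort after a bounded number of successive redirects (between 2 and 5). The names `StreamState`, `RedirectPolicy`, `parse_see_other_host` and `walk_redirects` are this example's own; how the client actually establishes `tls_established` and `peer_authenticated` (certificate verification, SASL GSSAPI) is assumed to happen elsewhere and is simply fed in as input. The sample stream error is constructed for the example.

```python
# Added example: an initiating entity's handling of <see-other-host/> in the
# spirit of RFC 6120 section 4.9.3.19. Not code from the thread or any library.
import xml.etree.ElementTree as ET
from dataclasses import dataclass, field

STREAM_NS = "http://etherx.jabber.org/streams"
STREAMS_NS = "urn:ietf:params:xml:ns:xmpp-streams"

# Constructed sample: the stream error a server would send to redirect a client.
SAMPLE_REDIRECT = (
    '<stream:error xmlns:stream="http://etherx.jabber.org/streams">'
    '<see-other-host xmlns="urn:ietf:params:xml:ns:xmpp-streams">'
    'alt.example.org:5222</see-other-host></stream:error>'
)


class RedirectAborted(Exception):
    """Raised once the successive-redirect limit has been reached."""


def parse_see_other_host(xml_text):
    """Return the target carried by a <see-other-host/> stream error, or
    None if the input is malformed or is some other stream error."""
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError:
        return None
    if root.tag != "{%s}error" % STREAM_NS:
        return None
    soh = root.find("{%s}see-other-host" % STREAMS_NS)
    if soh is None:
        return None
    target = (soh.text or "").strip()
    return target or None


@dataclass
class StreamState:
    """What the initiating entity knows about the current stream."""
    host: str
    tls_established: bool = False      # TLS or an equivalent security layer is up
    peer_authenticated: bool = False   # receiving entity's identity was verified


@dataclass
class RedirectPolicy:
    """Decides whether a <see-other-host/> error should be followed."""
    max_redirects: int = 3             # RFC 6120: at least 2 but no more than 5
    require_security_layer: bool = True
    require_authenticated_peer: bool = True
    followed: list = field(default_factory=list)  # hosts redirected to so far

    def __post_init__(self):
        if not 2 <= self.max_redirects <= 5:
            raise ValueError("max_redirects must be between 2 and 5")

    def decide(self, state, error_xml):
        """Return ("follow", target), ("reject", reason) or ("ignore", None).
        Raises RedirectAborted when max_redirects have already been followed."""
        target = parse_see_other_host(error_xml)
        if target is None:
            return ("ignore", None)
        # An unprotected stream can be tampered with, so the redirect is untrusted.
        if self.require_security_layer and not state.tls_established:
            return ("reject", "redirect received before TLS; treated as untrusted")
        if self.require_authenticated_peer and not state.peer_authenticated:
            return ("reject", "redirect from an unauthenticated peer; not followed")
        if target == state.host or target in self.followed:
            return ("reject", "redirect loop back to %s" % target)
        if len(self.followed) >= self.max_redirects:
            raise RedirectAborted("aborting after %d redirects" % len(self.followed))
        self.followed.append(target)
        return ("follow", target)


def walk_redirects(targets, max_redirects=3):
    """Simulate a chain of redirects, each arriving on a TLS-protected,
    authenticated stream; returns the hosts followed before the client aborts."""
    policy = RedirectPolicy(max_redirects=max_redirects)
    host = "xmpp.example.org"
    for t in targets:
        xml = SAMPLE_REDIRECT.replace("alt.example.org:5222", t)
        state = StreamState(host, tls_established=True, peer_authenticated=True)
        try:
            action, detail = policy.decide(state, xml)
        except RedirectAborted:
            break
        if action != "follow":
            break
        host = detail
    return list(policy.followed)


if __name__ == "__main__":
    print(RedirectPolicy().decide(StreamState("xmpp.example.org"), SAMPLE_REDIRECT))
    print(walk_redirects(["h%d.example.org:5222" % i for i in range(1, 8)]))
```

Note that the policy is deliberately applied on the initiating side: the receiving entity controls when it emits the error, but only the client can decide whether a redirect it received over a plaintext or unauthenticated stream deserves any trust at all, which is the reading of (b) the reply above suggests.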
