IETF Logo Mail Archive

I-D Action:draft-mrex-tls-secure-renegotiation-00.txt

Internet-Drafts@ietf.org Mon, 23 November 2009 16:00 UTC

Return-Path: <root@core3.amsl.com>
X-Original-To: i-d-announce@ietf.org
Delivered-To: i-d-announce@core3.amsl.com
Received: by core3.amsl.com (Postfix, from userid 0) id 1F44B3A6A7D; Mon, 23 Nov 2009 08:00:01 -0800 (PST)
From: Internet-Drafts@ietf.org
To: i-d-announce@ietf.org
Subject: I-D Action:draft-mrex-tls-secure-renegotiation-00.txt
Content-Type: Multipart/Mixed; Boundary="NextPart"
Mime-Version: 1.0
Message-Id: <20091123160002.1F44B3A6A7D@core3.amsl.com>
Date: Mon, 23 Nov 2009 08:00:02 -0800
X-BeenThere: i-d-announce@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: internet-drafts@ietf.org
List-Id: Internet Draft Announcements only <i-d-announce.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/i-d-announce>, <mailto:i-d-announce-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/i-d-announce>
List-Post: <mailto:i-d-announce@ietf.org>
List-Help: <mailto:i-d-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/i-d-announce>, <mailto:i-d-announce-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 23 Nov 2009 16:00:02 -0000

A New Internet-Draft is available from the on-line Internet-Drafts directories.

	Title           : Transport Layer Security (TLS) Secure Renegotiation
	Author(s)       : M. Rex
	Filename        : draft-mrex-tls-secure-renegotiation-00.txt
	Pages           : 15
	Date            : 2009-11-23

A protocol design flaw in the TLS renegotiation handshake leaves all
currently implemented protocol version of TLS (SSLv3 to TLSv1.2)
vulnerable to Man-in-the-Middle (MitM) attacks where the attacker can
establish a TLS session with a server, send crafted application data
of his choice to the server and then proxy an unsuspecting client's
TLS handshake into the TLS renegotiation handshake of the server. The
application on top of TLS sees the data injected by the attacker and
the data sent by the client as a single data stream and assumes that
an authentication during the TLS renegotiation handshake or contained
in the application data from the client applies to the entire data
stream received through the TLS-protected communication channel.

This document describes a protocol change for all protocol versions
of TLS plus SSLv3 that will fix this vulnerability for all
communication between updated TLS clients and updated TLS servers.

IMPORTANT: _All_ existing implementations of TLS and SSLv3 will have
to be updated, including those that have TLS renegotiation disabled
and even those that do not implement TLS renegotiation at all!

A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-mrex-tls-secure-renegotiation-00.txt

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.
ftp://ftp.ietf.org/internet-drafts/draft-mrex-tls-secure-renegotiation-00.txt"><ftp://ftp.ietf.org/internet-drafts/draft-mrex-tls-secure-renegotiation-00.txt>

v2.23.0 | Report a Bug | By Email