[Syslog] DTLS renegotiation
"Joseph Salowey (jsalowey)" <jsalowey@cisco.com> Sun, 07 March 2010 22:29 UTC
Return-Path: <jsalowey@cisco.com>
X-Original-To: syslog@core3.amsl.com
Delivered-To: syslog@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 60B263A8A33 for <syslog@core3.amsl.com>; Sun, 7 Mar 2010 14:29:25 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.599
X-Spam-Level:
X-Spam-Status: No, score=-10.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vdEgMGVuKFqR for <syslog@core3.amsl.com>; Sun, 7 Mar 2010 14:29:24 -0800 (PST)
Received: from sj-iport-5.cisco.com (sj-iport-5.cisco.com [171.68.10.87]) by core3.amsl.com (Postfix) with ESMTP id 967F43A6920 for <syslog@ietf.org>; Sun, 7 Mar 2010 14:29:24 -0800 (PST)
Authentication-Results: sj-iport-5.cisco.com; dkim=neutral (message not signed) header.i=none
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AvsEALe3k0urR7H+/2dsb2JhbACbRnOgHpdChHgEgxc
X-IronPort-AV: E=Sophos;i="4.49,599,1262563200"; d="scan'208";a="162069548"
Received: from sj-core-2.cisco.com ([171.71.177.254]) by sj-iport-5.cisco.com with ESMTP; 07 Mar 2010 22:29:28 +0000
Received: from xbh-sjc-231.amer.cisco.com (xbh-sjc-231.cisco.com [128.107.191.100]) by sj-core-2.cisco.com (8.13.8/8.14.3) with ESMTP id o27MTS7v027738 for <syslog@ietf.org>; Sun, 7 Mar 2010 22:29:28 GMT
Received: from xmb-sjc-225.amer.cisco.com ([128.107.191.38]) by xbh-sjc-231.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.3959); Sun, 7 Mar 2010 14:29:28 -0800
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Date: Sun, 07 Mar 2010 14:29:25 -0800
Message-ID: <AC1CFD94F59A264488DC2BEC3E890DE509C5B96D@xmb-sjc-225.amer.cisco.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: DTLS renegotiation
Thread-Index: Acq+RaRsuyzh+nlURgKHbyrKUt4oWg==
From: "Joseph Salowey (jsalowey)" <jsalowey@cisco.com>
To: syslog@ietf.org
X-OriginalArrivalTime: 07 Mar 2010 22:29:28.0270 (UTC) FILETIME=[A62146E0:01CABE45]
Subject: [Syslog] DTLS renegotiation
X-BeenThere: syslog@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Issues in Network Event Logging <syslog.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/syslog>, <mailto:syslog-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/syslog>
List-Post: <mailto:syslog@ietf.org>
List-Help: <mailto:syslog-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/syslog>, <mailto:syslog-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 07 Mar 2010 22:29:25 -0000
Richard pointed out that we should cover issues DTLS renegotiation. Recently, as you may have been aware, there have been vulnerabilities discovered with TLS renegotiation. In general, DTLS tends to be less vulnerable to the attacks described, but there still can be issues. During renegotiation new parameters can be renegotiated for the connection and, with most libraries, the application does not know that a change occurred. In general I think it would be best to avoid renegotiation, however this means that in the case of extremely long lived connections the connection will need to be broken and started again at some point. Below is the text I suggest adding to the security considerations of the document. 8.1 DTLS Renegotiation TLS and DTLS renegotiation may be vulnerable to attacks described in RFC 5746. Although RFC 5746 provides a fix for some of the issues, renegotiation can still cause problems for applications since connection security parameters can change without the application knowing it. There for it is RECOMMENDED that renegotiation be disabled for syslog over DTLS. If, for some reason, renegotiation is allowed then the specification in RFC 5746 MUST be followed and the implementation MUST make sure that the connection security parameters do not change during renegotiation.
- [Syslog] DTLS renegotiation Joseph Salowey (jsalowey)
- Re: [Syslog] DTLS renegotiation tom.petch
- Re: [Syslog] DTLS renegotiation Joseph Salowey (jsalowey)