Re: [TLS] MS14-066 and the TLS premaster secret version check

Yuhong Bao <yuhongbao_386@hotmail.com> Wed, 26 November 2014 01:17 UTC

Archived-At: http://mailarchive.ietf.org/arch/msg/tls/2Ptxt3-ridQLtD057rLE-4trie8

The point was that since a new version of SChannel will be shipped with the new update anyway,
it should be easy to backport the fix for the TLS premaster secret version check to this new version.

----------------------------------------
> From: Andrei.Popov@microsoft.com
> To: yuhongbao_386@hotmail.com; tls@ietf.org; mrex@sap.com
> Subject: RE: [TLS] MS14-066 and the TLS premaster secret version check
> Date: Wed, 26 Nov 2014 01:13:58 +0000
>
>> I asked because it backported a lot of Win8.1 SChannel in addition to the security fixes.
>
> In addition to security fixes, MS14-066 includes a back-port of cipher suites added by KB 2919355 (http://support.microsoft.com/kb/2919355).
>
> Unfortunately, MS14-066 includes the wrong version of a kernel binary, so it only adds the new ciphers for user-mode SSPI callers. When a kernel-mode SSPI caller (e.g. HTTP.SYS) negotiates one of the newly added cipher suites, the connection fails at the end of the handshake. Update 3018238 disables these new cipher suites, for now.
>
>> To be honest, they screwed up the backport of the new GCM cipher suites anyway, and to fix this will require a new SChannel, right?
>
> I expect that there will be a new update that will include the correct binaries, so the new cipher suites will work for the kernel-mode SSPI callers.
>
> Cheers,
>
> Andrei
>
> -----Original Message-----
> From: Yuhong Bao [mailto:yuhongbao_386@hotmail.com]
> Sent: Tuesday, November 25, 2014 4:38 PM
> To: Andrei Popov; tls@ietf.org; mrex@sap.com
> Subject: RE: [TLS] MS14-066 and the TLS premaster secret version check
>
> I asked because it backported a lot of Win8.1 SChannel in addition to the security fixes.
> To be honest, they screwed up the backport of the new GCM cipher suites anyway, and to fix this will require a new SChannel, right?
>
> ----------------------------------------
>> From: Andrei.Popov@microsoft.com
>> To: yuhongbao_386@hotmail.com; tls@ietf.org; mrex@sap.com
>> Subject: RE: [TLS] MS14-066 and the TLS premaster secret version check
>> Date: Tue, 25 Nov 2014 23:43:03 +0000
>>
>> Hi Yuhong,
>>
>> The interop problem related to premaster secret version check is resolved in Win8 and above.
>>
>> MS14-066 is not related: it fixes a few security issues we found internally.
>>
>> Cheers,
>>
>> Andrei
>>
>> -----Original Message-----
>> From: TLS [mailto:tls-bounces@ietf.org] On Behalf Of Yuhong Bao
>> Sent: Tuesday, November 25, 2014 3:07 AM
>> To: tls@ietf.org; mrex@sap.com
>> Subject: [TLS] MS14-066 and the TLS premaster secret version check
>>
>> Has the incorrect premaster secret version check described in this been fixed in MS14-066:
>> http://www.ietf.org/mail-archive/web/tls/current/msg08139.html
>>
>> Yuhong Bao