Re: [TLS] TLS or HTTP issue? (was: TLS renegotiation issue)

Chris Newman <Chris.Newman@Sun.COM> Wed, 11 November 2009 23:40 UTC

Return-Path: <Chris.Newman@Sun.COM>
X-Original-To: tls@core3.amsl.com
Delivered-To: tls@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 148233A6931 for <tls@core3.amsl.com>; Wed, 11 Nov 2009 15:40:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.046
X-Spam-Level:
X-Spam-Status: No, score=-6.046 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_MISMATCH_COM=0.553, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4rXyCimRPixP for <tls@core3.amsl.com>; Wed, 11 Nov 2009 15:40:45 -0800 (PST)
Received: from sca-es-mail-2.sun.com (sca-es-mail-2.Sun.COM [192.18.43.133]) by core3.amsl.com (Postfix) with ESMTP id 587B53A6B68 for <tls@ietf.org>; Wed, 11 Nov 2009 15:40:45 -0800 (PST)
Received: from fe-sfbay-09.sun.com ([192.18.43.129]) by sca-es-mail-2.sun.com (8.13.7+Sun/8.12.9) with ESMTP id nABNfDIj020393 for <tls@ietf.org>; Wed, 11 Nov 2009 15:41:13 -0800 (PST)
MIME-version: 1.0
Content-transfer-encoding: 7BIT
Content-disposition: inline
Content-type: text/plain; CHARSET=US-ASCII; format=flowed
Received: from conversion-daemon.fe-sfbay-09.sun.com by fe-sfbay-09.sun.com (Sun Java(tm) System Messaging Server 7u2-7.04 64bit (built Jul 2 2009)) id <0KSY00100X8NGU00@fe-sfbay-09.sun.com> for tls@ietf.org; Wed, 11 Nov 2009 15:41:13 -0800 (PST)
Received: from [10.0.1.3] ([unknown] [10.1.110.5]) by fe-sfbay-09.sun.com (Sun Java(tm) System Messaging Server 7u2-7.04 64bit (built Jul 2 2009)) with ESMTPSA id <0KSY00F5UXSNQJ20@fe-sfbay-09.sun.com>; Wed, 11 Nov 2009 15:41:13 -0800 (PST)
Date: Wed, 11 Nov 2009 15:41:11 -0800
From: Chris Newman <Chris.Newman@Sun.COM>
In-reply-to: <20091106172323.GY1105@Sun.COM>
Sender: Chris.Newman@Sun.COM
To: Nicolas Williams <Nicolas.Williams@Sun.COM>, Nikos Mavrogiannopoulos <nmav@gnutls.org>
Message-id: <F934381587F7E6C7C6FC105E@446E7922C82D299DB29D899F>
X-Mailer: Mulberry/4.0.8 (Mac OS X)
References: <73843DF9-EFCB-4B8D-913E-FE2235E5BDD3@rtfm.com> <4AF33D07.7040100@gnutls.org> <20091106172323.GY1105@Sun.COM>
Cc: Eric Rescorla <ekr@rtfm.com>, tls@ietf.org
Subject: Re: [TLS] TLS or HTTP issue? (was: TLS renegotiation issue)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 11 Nov 2009 23:40:46 -0000

--On November 6, 2009 11:23:23 -0600 Nicolas Williams 
<Nicolas.Williams@Sun.COM> wrote:
> This vulnerability will affect different application protocols
> differently.  It certainly affects HTTP.  I think LDAP may not be
> susceptible, but I'm not sure; I'm even less sure about IMAP.

IMAP is susceptible (see my previous email).  I'm fairly certain LDAP is 
susceptible in two ways:

1. An authorized LDAP user with permission to set and read an LDAP 
attribute anywhere in the DIT can likely use the TLS renegotiation attack 
to steal another LDAP user's simple bind password.

2. If LDAP and another vulnerable service (e.g. SMTP+STARTTLS+BDAT, IMAP, 
etc) have server certificates with the same hostname, then an authorized 
user of one of those other services can steal another user's LDAP simple 
bind password.

		- Chris