nanog mailing list archives

Re: Security team successfully cracks SSL using 200 PS3's and MD5
From: "Christopher Morrow" <morrowc.lists () gmail com>
Date: Sat, 3 Jan 2009 22:55:34 -0500

On Sat, Jan 3, 2009 at 1:41 PM, Nick Hilliard <nick () foobar org> wrote:
> Christopher Morrow wrote:
>> This is a function of an upgrade (firefox3.5 coming 'soon!') for
>> browsers, and for OS's as well, yes? So, given a future flag-day (18
>> months from today no more MD5, only SHA-232323 will be used!!)
>> browsers for the majority of the market could be upgraded. Certainly
>> there are non-browsers out there (eudora, openssl, wget,
>> curl..bittorrent-clients, embedded things) which either will lag more
>> or break altogether.
>
> I think you might be downplaying the size of the problem here.  X.509 and

I wasn't, not intentionally.. I was trying to address the problem
which the researchers harped on, and which seems like the hot-button
for many folks: "oh my, someone can intercept https silently!!"

I understand there are LOTS of things out there using certs for all
manner of not-http things. I also understand that telling a browser
class that they shouldn't accept anything but sha-X seems workable. I
suppose having the CA's kick out ONLY SHA-X is a bad plan, but ...
maybe letting cert requestors select the hash function (not md5) is
better? (or a step in the right direction at least)

> TLS/SSL isn't just used for browsers, but for a wide variety of places
> where there is a requirement for PKI based security.  So when you talk
> about a flag day for dealing with SHA-X (where X != 1), have you considered
> the logistical problems of upgrading all those embedded devices around the
> world?  The credit card terminals?  The tiny CPE vpn units?  The old

I had... yup.

> machine in the corner which handles corporate sign-on, where the vendor has
> now gone bust and no-one has the source code.  And the large web portal
> which had a whole bunch of local apache customisations based on apache
> 1.3.x and where the original developers left for greener pa$ture$, and
> no-one in-house really understands what they did any longer.  Etc, etc.
>
> It's different if you have a protocol which allows parameter negotiation to
> deal with issues like this, but not so good when you don't.

agreed, 100%. There are also lots of folks using certs internally for
all manner of oddball reasons... signed on their own CA (perhaps
chained to a 'real' CA, perhaps not). They'll have to be accommodated
as well, of course.

-chris
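The "shouldn't accept anything but sha-X" rule Chris describes above, as an added example that is not part of the original thread or of any browser's code: a standard-library Python check that reads the signatureAlgorithm OID out of each certificate in a chain and rejects the chain if any certificate was signed with MD5 or SHA-1 (or with an algorithm the check does not recognise). The certificates in SAMPLE_CHAIN are constructed fixtures with only the outer DER shape of a certificate, not real certificates; the allowed-hash list and all function names are assumptions.

```python
"""Reject certificate chains signed with MD5 or SHA-1 (added example, not code
from the NANOG thread). Standard library only: it walks the outer DER layout
Certificate ::= SEQUENCE { tbsCertificate, signatureAlgorithm, signature } and
reads the signatureAlgorithm OID. SAMPLE_CHAIN is a constructed fixture."""
import base64

# signatureAlgorithm OIDs (RFC 3279 / 4055 / 5758) -> (hash, name)
SIG_ALG_OIDS = {
    "1.2.840.113549.1.1.4": ("md5", "md5WithRSAEncryption"),
    "1.2.840.113549.1.1.5": ("sha1", "sha1WithRSAEncryption"),
    "1.2.840.113549.1.1.11": ("sha256", "sha256WithRSAEncryption"),
    "1.2.840.113549.1.1.12": ("sha384", "sha384WithRSAEncryption"),
    "1.2.840.10045.4.3.2": ("sha256", "ecdsa-with-SHA256"),
}
ALLOWED_HASHES = ("sha256", "sha384", "sha512")  # assumed local policy: "nothing but sha-X"

def _read_tlv(buf, pos):
    """Parse one DER TLV at buf[pos]; return (tag, content, position after it)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        nbytes = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + nbytes], "big"), pos + nbytes
    return tag, buf[pos:pos + length], pos + length

def _decode_oid(content):
    """DER OID content -> dotted string (first byte packs two arcs, rest base-128)."""
    first = content[0]
    arcs = [first // 40, first % 40] if first < 80 else [2, first - 80]
    n = 0
    for b in content[1:]:
        n = (n << 7) | (b & 0x7F)
        if not b & 0x80:  # clear high bit ends the arc
            arcs.append(n)
            n = 0
    return ".".join(map(str, arcs))

def pem_to_der(pem):
    body = [ln.strip() for ln in pem.splitlines() if ln.strip() and not ln.startswith("-----")]
    return base64.b64decode("".join(body))

def signature_algorithm_oid(der):
    """OID of the outer signatureAlgorithm, i.e. what the issuing CA actually used."""
    tag, cert, _ = _read_tlv(der, 0)
    if tag != 0x30:
        raise ValueError("not a DER SEQUENCE")
    pos = _read_tlv(cert, 0)[2]       # tbsCertificate: skipped whole
    _, alg, _ = _read_tlv(cert, pos)  # AlgorithmIdentifier SEQUENCE
    tag, oid, _ = _read_tlv(alg, 0)
    if tag != 0x06:
        raise ValueError("AlgorithmIdentifier does not start with an OID")
    return _decode_oid(oid)

def audit_chain(pems, allowed=ALLOWED_HASHES):
    """One (index, algorithm name, accepted) per certificate; unknown OIDs fail closed."""
    report = []
    for i, pem in enumerate(pems):
        oid = signature_algorithm_oid(pem_to_der(pem))
        hash_name, alg_name = SIG_ALG_OIDS.get(oid, ("unknown", oid))
        report.append((i, alg_name, hash_name in allowed))
    return report

def chain_accepted(pems, allowed=ALLOWED_HASHES):
    return all(ok for _, _, ok in audit_chain(pems, allowed))

# --- constructed fixture: minimal DER with the outer Certificate shape ---
def _der(tag, content):
    n = len(content)
    if n < 0x80:
        return bytes([tag, n]) + content
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + content

def _encode_oid(dotted):
    arcs = [int(a) for a in dotted.split(".")]
    out = bytearray([arcs[0] * 40 + arcs[1]])
    for a in arcs[2:]:
        chunk = [a & 0x7F]
        while a := a >> 7:
            chunk.append(0x80 | (a & 0x7F))
        out += bytes(reversed(chunk))
    return bytes(out)

def fake_cert_pem(sig_oid):
    """PEM with a placeholder tbsCertificate and a real AlgorithmIdentifier (not a real cert)."""
    tbs = _der(0x30, _der(0x02, b"\x01"))
    alg = _der(0x30, _der(0x06, _encode_oid(sig_oid)) + b"\x05\x00")  # parameters = NULL
    sig = _der(0x03, b"\x00" * 17)  # BIT STRING: 0 unused bits + dummy signature bytes
    b64 = base64.encodebytes(_der(0x30, tbs + alg + sig)).decode()
    return "-----BEGIN CERTIFICATE-----\n" + b64 + "-----END CERTIFICATE-----\n"

# leaf signed with SHA-256, intermediate with MD5, root with ECDSA/SHA-256
SAMPLE_CHAIN = [fake_cert_pem("1.2.840.113549.1.1.11"),
                fake_cert_pem("1.2.840.113549.1.1.4"),
                fake_cert_pem("1.2.840.10045.4.3.2")]

if __name__ == "__main__":
    for idx, name, ok in audit_chain(SAMPLE_CHAIN):
        print(f"cert {idx}: {name:24} {'ok' if ok else 'REJECT'}")
```

Two points the sample chain is built to show. The weak signature is on the intermediate, not the leaf, so a check that only looks at the server certificate passes it; the policy has to run over every signature the verifier relies on. And the check reads the outer signatureAlgorithm, which is the one the CA actually used; a conforming certificate repeats the same algorithm inside tbsCertificate.signature, and a mismatch between the two is itself a reason to reject (RFC 5280, 4.1.1.2). In practice a validator never verifies the trust anchor's own self-signature, so a deployment may exempt the root from this rule; the example treats all certificates alike for clarity.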
