httpd-dev mailing list archives

From Joe Orton <jor...@redhat.com>
Subject Re: Fwd: Client Initiated Renegotiation after 0.9.8l
Date Thu, 14 Apr 2011 09:28:34 GMT
On Thu, Apr 14, 2011 at 03:57:32AM -0500, William Rowe wrote:
> Looking at current 2.2.17 httpd with openssl 0.9.8o, and using 0.9.8o to attempt
> to 'R'enegotiate, the report appears accurate.

Yup, it's a legacy of the patch for CVE-2009-3555; the prevention of 
client-initiated reneg has never been relaxed.  It would be simple to 
change the code to allow client-initiated reneg iff secure reneg is 
supported by both sides.

There was a discussion on this topic recently at the IETF TLS list:

http://thread.gmane.org/gmane.ietf.tls/8335/focus=8358

If it's true that IIS also rejects client-initiated reneg (per claim in 
that thread), I'd say there is no imperative to change mod_ssl's 
behaviour from an interop perspective.  

You can argue for "correctness"; the protocol allows a client-initiated 
reneg, so why should mod_ssl disable it?  I don't find that terribly 
compelling; reneg and HTTP over SSL is a conceptual mess, and a 
significant proportion of the security issues in mod_ssl have been 
reneg-related (though maybe that sounds FUDdish).

So I tend towards "less renegotiation is good"; very interested to hear 
other opinions.

Regards, Joe
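To turn the manual 'R' check described at the top of the thread into a repeatable audit, here is an added example (not code from this thread or from httpd): it drives `openssl s_client -state` through a client-initiated renegotiation and classifies the transcript. It assumes the marker strings s_client prints (`RENEGOTIATING`, `Secure Renegotiation IS supported`, the `-state` handshake lines); `-no_tls1_3` exists only in OpenSSL 1.1.1 and later, and `probe_reneg`/`classify_reneg` are hypothetical helper names.

```shell
#!/bin/sh
# Added example, not code from the thread or from httpd/mod_ssl.
# classify_reneg reads an `openssl s_client -state` transcript on stdin and
# reports whether the server offered RFC 5746 secure renegotiation and whether
# it accepted or rejected the client-initiated handshake triggered by 'R'.
# Assumption: the marker strings are the ones s_client itself prints.
classify_reneg() {
    t=$(cat)
    if   printf '%s\n' "$t" | grep -q 'Secure Renegotiation IS supported';     then secure=yes
    elif printf '%s\n' "$t" | grep -q 'Secure Renegotiation IS NOT supported'; then secure=no
    else secure=unknown
    fi
    # Only judge what happened after the 'R' was issued; the initial handshake
    # also prints "negotiation finished successfully" and must not count.
    after=$(printf '%s\n' "$t" | sed -n '/^RENEGOTIATING/,$p')
    if [ -z "$after" ]; then
        reneg=not-attempted
    elif printf '%s\n' "$after" | grep -q 'SSL negotiation finished successfully'; then
        reneg=accepted
    elif printf '%s\n' "$after" | grep -Eq 'alert read:(warning|fatal)|handshake failure|errno=|error:'; then
        reneg=rejected            # no_renegotiation alert, fatal alert, or torn-down connection
    else
        reneg=unknown
    fi
    printf 'secure-reneg=%s client-reneg=%s\n' "$secure" "$reneg"
}

# Connect, type 'R', then send a request so the pending renegotiation is
# actually written on the wire. TLS 1.3 removed renegotiation, so an
# OpenSSL 1.1.1+ client must be held to TLS 1.2 or lower with -no_tls1_3.
probe_reneg() {
    host=$1; port=${2:-443}
    { printf 'R\n'; sleep 1; printf 'GET / HTTP/1.0\r\nHost: %s\r\n\r\n' "$host"; sleep 2; } \
      | openssl s_client -state -no_tls1_3 -connect "$host:$port" 2>&1 | classify_reneg
}
```

`secure-reneg=yes client-reneg=rejected` is the mod_ssl behaviour the thread describes; `secure-reneg=no client-reneg=accepted` is the pre-RFC 5746 combination a server audit should flag.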

