httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefan Eissing <>
Subject APLN negotiation and TLS cross-protocols attack
Date Thu, 10 Jun 2021 11:27:56 GMT
In short: there is the possibility of a middle-man tricking a client into accepting the response
from another TLS server, if it uses the same certificate. This seems to be in the open, so
we can talk about it here.

People think about how to prevent this and enforce stricter ALPN negotiation. But it is hairy
since ALPN has been deployed for over 5 years. Breakage may ensue.

Our server is also 'relaxed' about this. If you look at ssl_engine_kernel.c#2760, if no protocol
overlap was found, we continue the handshake as if no ALPN was supplied at all.

I guess we can always add a "SSLStrictALPN on", but let's see where this discussion goes.

- Stefan

golang ticket:
Twitter thread:
View raw message