Message-Id: <1423073375.97687.223118365.6793316D@webmail.messagingengine.com>
Date: Wed, 04 Feb 2015 12:09:35 -0600
From: Mark Felder <feld@...d.me>
To: oss-security@...ts.openwall.com
Subject: Re: Apache 2.4 mod_ssl SSLSessionTickets -- others
 vulnerable?



On Wed, Feb 4, 2015, at 11:59, Reed Loden wrote:
> ... or you could do something like what Twitter did [0] and write your
> own scripts to generate new session ticket keys regularly and store them
> only in a tmpfs or /dev/shm type environment.
> 
> agl also talks about this problem on his blog [1] a while ago.
> 
> As for your earlier question, nginx has the same issue here [2]. Really
> all comes down to OpenSSL not making it easy to do better.
> 
> ~reed
> 
> [0] https://blog.twitter.com/2013/forward-secrecy-at-twitter
> [1] https://www.imperialviolet.org/2013/06/27/botchingpfs.html
> [2] http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_session_ticket_key
> 

Okay, so the failure is two-pronged: the current limitations in OpenSSL
with regard to managing session ticket keys, and the use of session
tickets when a PFS cipher is negotiated.


Thanks for all the details, guys.
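
The rotation approach mentioned in the quoted reply (regenerate ticket keys regularly, keep them only on tmpfs), sketched as an added example that is not part of the original messages and is not Twitter's script. The directory, the ticket.key.N file names and the retention count are assumptions; 48 bytes is a key file size nginx's ssl_session_ticket_key accepts.

```shell
#!/bin/sh
# Added example (not from the thread): rotate TLS session ticket keys.
# Assumed layout: ticket.key.0 is the current key (encrypts new tickets),
# ticket.key.1 .. ticket.key.(keep-1) are older keys kept for decryption only.
# Matching nginx config (first listed key encrypts, the rest only decrypt):
#   ssl_session_ticket_key /dev/shm/tls-tickets/ticket.key.0;
#   ssl_session_ticket_key /dev/shm/tls-tickets/ticket.key.1;
# Key files are read when the configuration is loaded, so reload after rotating.

KEY_BYTES=48

rotate_ticket_keys() {
    dir=$1     # directory on tmpfs, e.g. under /dev/shm, so keys never reach disk
    keep=$2    # total key files to retain (current + previous), at least 1
    [ "$keep" -ge 1 ] || return 1
    umask 077  # directory and key files readable by the owner only
    mkdir -p "$dir" || return 1

    # Create the new key first: a failure here leaves the old set untouched.
    tmp=$(mktemp "$dir/.new.XXXXXX") || return 1
    head -c "$KEY_BYTES" /dev/urandom > "$tmp" || { rm -f "$tmp"; return 1; }
    if [ "$(wc -c < "$tmp")" -ne "$KEY_BYTES" ]; then
        rm -f "$tmp"
        return 1
    fi

    # Drop the oldest key. Tickets sealed with it can no longer be decrypted,
    # which bounds how long a stolen key is useful against recorded traffic.
    rm -f "$dir/ticket.key.$((keep - 1))"

    # Shift the remaining keys one slot older, oldest first.
    i=$((keep - 2))
    while [ "$i" -ge 0 ]; do
        if [ -f "$dir/ticket.key.$i" ]; then
            mv -f "$dir/ticket.key.$i" "$dir/ticket.key.$((i + 1))" || return 1
        fi
        i=$((i - 1))
    done

    # rename() within one directory is atomic: readers see old or new, never partial.
    mv -f "$tmp" "$dir/ticket.key.0"
}
```

Run from a timer, the rotation interval times the retention count is the longest a ticket stays resumable, and so the window in which a leaked key exposes past sessions.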
