Failure using ECDH-RSA-AES256-SHA with ssl3 on Master Branch

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sat, Mar 21, 2015 at 06:58:38AM +0000, Viktor Dukhovni wrote:

> > Don't check that the curve appears in the list of acceptable curves for the
> > peer, if they didn't send us such a list (for example this will always be
> > the case in SSL3)
> 
> Are you sure that's a bug.  I recall a recent discussion that
> specifically pointed out that we should not negotiate ECDH when
> the relevant extension is not sent.  We have no idea which curves
> the client supports, and therefore can't choose any.
> 
> IIRC the current behaviour is a bug fix, and any prior use of ECDH
> with SSLv3 was wrong.

Perhaps I recall incorrectly.  Looking at RFC 4492, it seems that
if the client sends no information, the server is free to choose
any supported curve.  Still clients that support EC really should
send the relevant extensions.

-- 
	Viktor.


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux