
Re: TLS renegotiation

Emmanuel Lecharny wrote:
> Howard Chu wrote:
>> Ludovic Poitou wrote:
>>> Howard,
>>> Our security expert at Sun considers that the attack could be applied to
>>> LDAP, although it will be more complex to achieve for all the good
>>> reasons you've outlined (session-oriented, with explicit authentication
>>> attached to a session, and is a record-oriented ASN.1 encoded protocol
>>> with precisely defined message structure).
>>> The renegotiation in the attack is, as far as I understand, driven by the
>>> man in the middle, and so even though OpenLDAP slapd never requests the
>>> renegotiation, it is still subject to the attack.

>> Hi Ludo, thanks for the note. Kurt and I were discussing this offline and he
>> has suggested a possible attack as well. I'm still not convinced of the
>> details but we'll continue to investigate.

> Wondering if we (ApacheDS) can be a possible target, assuming that we
> are Java based. Any idea?

Kurt will be posting a more extensive message on the topic later. I suppose
your degree of exposure depends on certain details of your implementation of
ldaps:// and/or StartTLS. In the case of OpenLDAP, it is impossible for a MITM
to perform a privilege escalation with this attack. There are other things an
attacker could do, such as nullifying a particular client request. It amounts
to being able to DoS a specific client or a specific user, which is
interesting and annoying, but also highly traceable...

  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/