
Re: disable TLS compression with openssl?

Dieter Klünter wrote:
On Sun, 06 Dec 2015 19:27:31 -0800,
"Paul B. Henson" <henson@acm.org> wrote:

We're currently running through all of our SSL/TLS using apps to
disable SSLv3 and update the accepted ciphers list, as well as other
current best practices. I don't see any way to disable SSL
compression in openldap?

OpenLDAP does not enable compression so there is nothing to disable.

Does SSL compression with ldap traffic not
lead to the same issue as it does in web traffic?

No, it does not have the same issue. The CRIME attack works because http is a stateless protocol and so clients repeatedly send their authentication/authorization credentials in cookies attached to every request. In particular, the exact format of each request is known and it's trivial to create a request with plaintext chosen to guess at the credential portion.

The CRIME attack does not work against LDAP or other stateful protocols where credentials are only sent once.

You probably should read
https://community.qualys.com/blogs/securitylabs/2012/09/14/crime-information-leakage-attack-against-ssltls
https://www.openssl.org/docs/manmaster/ssl/SSL_COMP_add_compression_method.htm

Also, are there any plans to support ECDHE ciphers in openldap? I see
there's an ITS ticket about it, it's rather old and the last update
questioned whether those ciphers should be avoided due to potential
NSA meddling in their design.

At LDAPcon 2015 it was announced to be included in OpenLDAP-2.5

-Dieter

--
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/
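Added example (not from this thread or from the OpenLDAP project), in Python, illustrating the mechanism described above: when attacker-chosen bytes are compressed in the same record as a secret that a stateless client resends on every request, the compressed size reveals whether the chosen bytes overlapped the secret. The second half shows the client-side setting that refuses TLS compression outright (Python's `ssl` module exposing OpenSSL's `SSL_OP_NO_COMPRESSION`). The session token and request lines are constructed sample data.

```python
import ssl
import zlib

# Constructed sample: a secret a stateless client would resend on every
# request, compressed in the same record as attacker-influenced bytes.
SECRET_HEADER = b"Cookie: session=7f3a9c1e\r\n"


def compressed_len(attacker_part: bytes) -> int:
    """Size of one compressed record holding attacker-chosen bytes next to the secret."""
    record = attacker_part + b"\r\n" + SECRET_HEADER
    return len(zlib.compress(record, 9))


def length_delta(matching: bytes, nonmatching: bytes) -> int:
    """How many bytes smaller the record becomes when the attacker part repeats
    bytes of the secret; a positive value is the side channel CRIME observes."""
    return compressed_len(nonmatching) - compressed_len(matching)


def client_context_without_compression() -> ssl.SSLContext:
    """Client context that refuses TLS-level compression whatever the peer offers.
    create_default_context() already sets OP_NO_COMPRESSION; setting it again
    makes the intent explicit for contexts built by hand."""
    ctx = ssl.create_default_context()
    ctx.options |= ssl.OP_NO_COMPRESSION
    return ctx


def refuses_compression(ctx: ssl.SSLContext) -> bool:
    """True when the context will never negotiate a TLS compression method."""
    return bool(ctx.options & ssl.OP_NO_COMPRESSION)


if __name__ == "__main__":
    # Same request shape; only the attacker-controlled query value differs.
    hit = b"GET /?q=session=7f3a9c1e HTTP/1.1"
    miss = b"GET /?q=session=k2m8q5w0 HTTP/1.1"
    print("bytes saved when the chosen value overlaps the secret:", length_delta(hit, miss))
    ctx = client_context_without_compression()
    print("client refuses TLS compression:", refuses_compression(ctx))
```

A credential sent once, as in an LDAP bind, never sits beside a second attacker-shaped record to compare against, which is the distinction the reply draws.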