MAC padding (Debian Bug #390712)
ametzler at downhill.at.eu.org
Thu Jan 3 16:51:00 CET 2008
On 2008-01-03 Marc Haber <mh+gnutls-devel at zugschlus.de> wrote:
> Debian Bug #390712, http://bugs.debian.org/390712
> Simon writes:
> > Appears to be triggered by GnuTLS implementing MAC padding to solve a
> > security problem in TLS. OpenSSL reportedly does not implement the
> > same work around, and would thus appear to be vulnerable to that
> > problem.
> > Conclusion: Appears to be a ???wontfix??? bug. Personally, I think GnuTLS
> > could provide a simpler mechanism to disable MAC padding if
> > applications deem this necessary. Someone could double check how
> > important the MAC padding security concern is.
> I disagree about the "wontfix" bug. We have an interoperability issue
> here, where the end user notices "things work when I use OpenSSL or do
> not use TLS at all, only GnuTLS breaks". In the result, the end user
> will use OpenSSL or no TLS at all, which reduces GnuTLS user base and
> cryptography coverage.
> I would like to see a mechanism to disable MAC padding if it is really
> the culprit here.
AFAIUI that has been done on the gnutls side of things:
* Version 2.0.3 (released 2007-11-10)
** Added gnutls_record_disable_padding() to allow servers talking to
buggy clients that complain if the TLS 1.0 record protocol padding is
** Introduced gnutls_session_enable_compatibility_mode() to allow
enabling all supported compatibility options (like disabling padding).
thanks, cu andreas
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'
More information about the Gnutls-devel