Re: Re: CVE-2009-3555 not addressed in OpenSSL
Anyway, the proper fix would be to backport the RFC5746 changes.
Now, what's the argument for not doing it properly? :-)
But the other end will also require that support for it to work.
Not long ago, this was a chicken-and-egg problem with the clients and
servers. But at this point most other vendors have patched to add RFC
and so on...
Debian is unfortunately lagging conspicuously here. Yes, behind MS.
You're probably better off avoiding renegotiation.
There are a couple of subtle limitations of this logic:
* Some people need renegotiation. They aren't particularly many, and
they aren't particularly vocal, but if you need it, you really need it.
* There is absolutely no way for the client to tell if the server is
performing an unsafe renegotiation at the time the client is expected to
hand over his session cookie (and/or sign with his client cert). Unless,
of course, he has successfully negotiated the use of RFC 5746; then he can
be confident that continuing the connection is safe.
Eventually client apps will refuse to talk to servers that don't support
RFC 5746 just as today they refuse to talk SSLv2. Browsers are starting
to warn about it today:
By not supporting RFC 5746 on the server side, even if the server knows
that it will never renegotiate, it prolongs for everyone the delay until
clients can stop making potentially insecure connections. In this sense,
it is a shared ecosystem problem.
As a long-term Debian user myself, I appeal to Debian's sense of
enlightened self-interest and urge that RFC 5746 support be backported