
Re: More on heartbeat/bleed



On Wed, Apr 16, 2014 at 8:04 PM, Erwan David <erwan@rail.eu.org> wrote:
On Wed, Apr 16, 2014 at 12:35:23PM CEST, Joel Rees <joel.rees@gmail.com> said:
>
> For those who are getting excited, don't. Take the time to understand the
> whole process, and the reason certificates and cryptographic tokens should
> be rotated, and how you go about doing it. (They should be rotated anyway,
> and if you don't, well, it's time to start leaning how, and this is as good
> a reason as any.)
>
> Incidentally, nobody does it right yet, not even the banks. In my way of
> thinking, that's a bigger problem than being able to reach blindly into a
> server's memory.

Some do, however only the certificate expires, not the keys...

Which is one of the problems with the current way of doing things.

Secrets go stale pretty quickly. The only private keys that can safely not be rotated are the ones you never use. Any private key that is stored on a computer attached to a network should be rotated regularly. 

Any private key that you don't want to have to rotate regularly should be kept on encrypted media in a strong safe behind strong locked doors (and six strong walls) that require the three highest ranking people in the organization to unlock. The computer to read it should be behind other locked doors, and should never be used for anything but reading the key and generating certificates from it.
 
Thus many of those who rotate the certificate just issue a new one
with the existing key, just changing the dates and signing.

And that's bad.

And it was bad without the heartbeat/bleed circus. This particular buffer range error just forces the issue a bit.

I'm not advocating complacency. I'm just saying that this one vulnerability doesn't effectively change the current situation that much. And you shouldn't act without understanding what you are doing. If you don't see this sort of thing coming again, you don't understand.

--
Joel Rees

Be careful where you see conspiracy.
Look first in your own heart.
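The practice criticised above, reissuing a certificate with new dates but the same private key, is easy to check for from the outside: a genuinely rotated certificate carries a different public key. The following script is an added example, not code from the thread or from any of its participants. It builds a constructed sample set with openssl (an original cert, a "renewed" cert on the same key, and a rotated cert on a fresh key) and compares the SHA-256 digest of each certificate's SubjectPublicKeyInfo; the file names and the `example.test` subject are assumptions of the example.

```shell
#!/bin/sh
# Added example, not from the original thread: detect whether a "renewed"
# certificate reuses the private key of the certificate it replaces.
set -eu

WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# spki_fingerprint CERT
#   Prints the SHA-256 digest of the certificate's DER-encoded
#   SubjectPublicKeyInfo. Two certs with the same digest share a key pair.
spki_fingerprint() {
    openssl x509 -in "$1" -noout -pubkey \
      | openssl pkey -pubin -outform DER \
      | openssl dgst -sha256 | awk '{print $NF}'
}

# key_reused OLD_CERT NEW_CERT
#   Exit status 0 if both certificates carry the same public key (key was
#   NOT rotated), 1 if the key genuinely changed.
key_reused() {
    [ "$(spki_fingerprint "$1")" = "$(spki_fingerprint "$2")" ]
}

# Constructed sample material (assumed names, P-256 keys for speed):
#   old.crt      original certificate on old.key
#   renewed.crt  same key, only the validity period changed
#   rotated.crt  fresh key pair, what a real rotation looks like
openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:P-256 \
        -out "$WORK/old.key" 2>/dev/null
openssl req -new -x509 -key "$WORK/old.key" -subj "/CN=example.test" \
        -days 1 -out "$WORK/old.crt" 2>/dev/null
openssl req -new -x509 -key "$WORK/old.key" -subj "/CN=example.test" \
        -days 365 -out "$WORK/renewed.crt" 2>/dev/null
openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:P-256 \
        -out "$WORK/new.key" 2>/dev/null
openssl req -new -x509 -key "$WORK/new.key" -subj "/CN=example.test" \
        -days 365 -out "$WORK/rotated.crt" 2>/dev/null

# Report on both candidate replacements.
for candidate in renewed rotated; do
    if key_reused "$WORK/old.crt" "$WORK/$candidate.crt"; then
        echo "$candidate.crt: SAME public key as old.crt (key not rotated)"
    else
        echo "$candidate.crt: new public key (key rotated)"
    fi
done
```

In practice the old certificate comes from your own records or a CT log and the new one from the live endpoint (`openssl s_client -connect host:443 -showcerts`); a matching SPKI digest after a supposed rotation is the signal that only the dates were changed.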
