[langsec-discuss] cross-posting a bit on Heartbleed

Daira Hopwood daira at jacaranda.org
Fri Apr 11 15:17:02 UTC 2014


On 11/04/14 03:45, dan at geer.org wrote:
> 
> This fragment from the randombit.net crypto list as this perhaps
> the clearest "langsec" cue I've yet seen.  Perhaps it is time for
> a broadside.
> 
> --dan
> 
> ------- Forwarded Message
> 
> Date: Thu, 10 Apr 2014 09:29:52 +1000
> From: "James A. Donald" <jamesd at echeque.com>
> To: cryptography at randombit.net
> Subject: Re: [Cryptography] The Heartbleed Bug is a serious vulnerability in OpenSSL
> 
> On 08/04/14 11:46, ianG wrote:
>>> We have here a rare case of a broad break in a security protocol leading
>>> to compromise of keys.
> 
> On 2014-04-09 21:53, Alan Braggins wrote:
>> Though it's an implementation break, not a protocol break.
> 
> Not exactly.  The protocol failed to define a response to nonsensical
> records.  The bug was that the protocol responded to invalid records
> the same way as if they were valid.
> 
> The protocol should have said  "a valid record shall satisfy the
> following requirements.  Invalid records shall be silently discarded
> and all actions that depend on them silently terminated."

Actually the protocol *did* specify that:

https://tools.ietf.org/html/rfc6520#section-4

#   If the payload_length of a received HeartbeatMessage is too large,
#   the received HeartbeatMessage MUST be discarded silently.

-- 
Daira Hopwood ⚥

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 555 bytes
Desc: OpenPGP digital signature
URL: <https://mail.langsec.org/pipermail/langsec-discuss/attachments/20140411/80924f07/attachment.pgp>


More information about the langsec-discuss mailing list