[langsec-discuss] cross-posting a bit on Heartbleed
daira at jacaranda.org
Fri Apr 11 15:17:02 UTC 2014
On 11/04/14 03:45, dan at geer.org wrote:
> This fragment from the randombit.net crypto list as this is perhaps
> the clearest "langsec" cue I've yet seen. Perhaps it is time for
> a broadside.
> ------- Forwarded Message
> Date: Thu, 10 Apr 2014 09:29:52 +1000
> From: "James A. Donald" <jamesd at echeque.com>
> To: cryptography at randombit.net
> Subject: Re: [Cryptography] The Heartbleed Bug is a serious vulnerability in OpenSSL
> On 08/04/14 11:46, ianG wrote:
>>> We have here a rare case of a broad break in a security protocol leading
>>> to compromise of keys.
> On 2014-04-09 21:53, Alan Braggins wrote:
>> Though it's an implementation break, not a protocol break.
> Not exactly. The protocol failed to define a response to nonsensical
> records. The bug was that the protocol responded to invalid records
> the same way as if they were valid.
> The protocol should have said "a valid record shall satisfy the
> following requirements. Invalid records shall be silently discarded
> and all actions that depend on them silently terminated."
Actually the protocol *did* specify that:
# If the payload_length of a received HeartbeatMessage is too large,
# the received HeartbeatMessage MUST be discarded silently.
Daira Hopwood ⚥