I haven't been wildly impressed by Digest as implemented in browsers, but it's a legitimate point that Digest has at least *some* of the URI embedded into it, so the TLS reneg attack can be somewhat mitigated by leveraging that. Empirically though, this is going to be a big pain in the butt, not least of which is the dramatic change to the user experience.
On Wed, Jan 6, 2010 at 2:15 AM, Timothy D. Morgan <firstname.lastname@example.org> wrote:
> Some of you may be interested in this short technical note which
> includes some recent observations about TLS renegotiation and other
> Comments welcome,
> Recent history has proven that web communications security is highly
> lacking in redundancy. That is, simple breaks in common protocols,
> such as SSL/TLS or the authentication mechanisms which support it,
> often lead to catastrophic gaps in security. Recent examples of this
> fragile architecture abound, and even when protocols and
> implementations themselves are sound, research indicates browser user
> interfaces continue to leave room for serious attacks.
> This paper explores how the seldom-used HTTP digest authentication
> protocol can be used to mitigate certain recent forms of attack,
> including SSL/TLS renegotiation and some types of HTTP request
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
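
The URI binding discussed in this thread, as an added example that is not part of either message or of the paper: a server-side check of an RFC 2617 Digest `Authorization` header (qop=auth) against the request line the server actually received. The header values are the worked example from RFC 2617 section 3.5; the function names and the mismatched request line are constructed for illustration.

```python
import hashlib
import hmac


def md5_hex(text):
    return hashlib.md5(text.encode("utf-8")).hexdigest()


def digest_response(username, realm, password, method, uri,
                    nonce, nc, cnonce, qop="auth"):
    """RFC 2617 request-digest for qop=auth. Method and URI enter via HA2."""
    ha1 = md5_hex(f"{username}:{realm}:{password}")
    ha2 = md5_hex(f"{method}:{uri}")
    return md5_hex(f"{ha1}:{nonce}:{nc}:{cnonce}:{qop}:{ha2}")


def verify_request(method, request_uri, auth, password):
    """Validate a parsed Authorization header against the received request line.

    Returns (ok, reason). A header computed for one method/URI does not
    validate when it arrives attached to a different request line.
    """
    if auth["uri"] != request_uri:
        return False, "uri directive does not match request line"
    expected = digest_response(auth["username"], auth["realm"], password,
                               method, request_uri, auth["nonce"],
                               auth["nc"], auth["cnonce"], auth["qop"])
    if not hmac.compare_digest(expected, auth["response"]):
        return False, "response digest mismatch"
    return True, "ok"


# Parsed Authorization header: values from the RFC 2617 section 3.5 example.
AUTH = {
    "username": "Mufasa", "realm": "testrealm@host.com",
    "nonce": "dcd98b7102dd2f0e8b11d0f600bfb0c093",
    "uri": "/dir/index.html", "qop": "auth",
    "nc": "00000001", "cnonce": "0a4f113b",
    "response": "6629fae49393a05397450978507c4ef1",
}
PASSWORD = "Circle Of Life"  # server-side secret from the same RFC example

if __name__ == "__main__":
    # Request line the client intended.
    print(verify_request("GET", "/dir/index.html", AUTH, PASSWORD))
    # Constructed mismatch: same header under a different request line.
    print(verify_request("POST", "/other/path", AUTH, PASSWORD))
    # Same URI, different method: caught by the digest itself.
    print(verify_request("POST", "/dir/index.html", AUTH, PASSWORD))
```

With qop=auth only the method and URI are covered by the digest; the request body is not, which is consistent with the "somewhat mitigated" wording above.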