Create an account

Subscribe to LWN

Linux support for ARM big.LITTLE

LWN.net Weekly Edition for February 9, 2012

LWN.net Weekly Edition for February 2, 2012

A tempest in a toybox

Weekly edition	Kernel	Security	Distributions	Contact Us	Search
Archives	Calendar	Subscribe	Write for LWN	LWN.net FAQ	Sponsors

TLS renegotiation vulnerability

TLS renegotiation vulnerability

Posted Nov 22, 2009 4:49 UTC (Sun) by foom (subscriber, #14868)
In reply to: TLS renegotiation vulnerability by Cyberax
Parent article: TLS renegotiation vulnerability

> It's actually not that complex.

Are you kidding? That's *insane*ly complex, compared to just having a single standard spelling.
XML dsig (at least libxml version) is crazy slow, too.

(Log in to post comments)

TLS renegotiation vulnerability

Posted Nov 22, 2009 17:01 UTC (Sun) by Cyberax (subscriber, #52523) [Link]

Well, if I had a choice between ASN.1 and insanely complex XML rules, then I'd still choose XML.

The trick in doing XML dsig is to output XML directly in a canonical format, then you can have a pretty fast implementation.

It's still slower than uber-optimized ASN.1 parsers, but personally, I don't care even if it's 10x slower.

TLS renegotiation vulnerability

Posted Nov 23, 2009 0:17 UTC (Mon) by foom (subscriber, #14868) [Link]

> Well, if I had a choice between ASN.1 and insanely complex XML rules, then I'd still choose XML.

That's a bit silly. Have you ever looked at ASN.1? It's really quite trivial. So much easier than XML,
it's hard to imagine why anyone would want to use an XML parser instead in security sensitive
code.

http://en.wikipedia.org/wiki/Basic_Encoding_Rules

Certificates actually use DER, which is a slightly restricted subset of BER:
http://en.wikipedia.org/wiki/Distinguished_Encoding_Rules

TLS renegotiation vulnerability

Posted Nov 23, 2009 8:26 UTC (Mon) by Cyberax (subscriber, #52523) [Link]

Unfortunately, I've worked with it. And that's why I'm quite sure: wherever ASN.1 goes, destruction and pain follows. Examples: LDAP, SNMP, SSL/TLS, Kerberos.

To be fair, XML canonicalization rules are designed for arbitrary XML. It's possible to simplify them by using a subset of XML. For example, by restricting entities, CDATA and namespace use.

In any case, less complex formats like JSON can be used instead of XML.

TLS renegotiation vulnerability

Posted Nov 23, 2009 13:50 UTC (Mon) by quotemstr (subscriber, #45331) [Link]

wherever ASN.1 goes, destruction and pain follows. Examples: LDAP, SNMP, SSL/TLS, Kerberos.

You have an interesting definition of "destruction and pain". These protocols are used all over the place and are successful by any measure.

TLS renegotiation vulnerability

Posted Nov 23, 2009 15:49 UTC (Mon) by Cyberax (subscriber, #52523) [Link]

Do you know how to make a simple request with LDAP? Can you write a simple LDAP Ping using plain sockets?

I can easily do this for HTTP/FTP/SMTP even IMAP. I don't even want to contemplate this for SSL/TLS.

That's the problem, it's impossible to create a simple client for SSL.

Copyright © 2012, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds