Forum Discussion

Hamish
Nov 05, 2009

SSL Vulnerability

Does anyone know if F5's with SSL Offload are vulnerable to the plain text insertion vulnerability that's been reported today?

Details are vague (As you'd expect) but IIUC it may be only client cert authentication that's vulnerable (Or not).

Anyone got any details?

H

6 Replies

  • Hi Hamish,

    Do you have a CVE number? I did some quick searches online, but didn't find anything related.

    You'll need to open a case to get an official response from F5, but I'm curious to see what the issue is.

    Thanks,

    Aaron
  • Hamish

    Hi Aaron.

    The IETF mailing list link is http://www.ietf.org/mail-archive/web/tls/current/msg03942.html. 'el reg' has the article I first saw at http://www.theregister.co.uk/2009/11/05/serious_ssl_bug/ and then the more in-depth info is at http://extendedsubset.com/?p=8

    I'm still reading the paper he wrote to discover exactly how bad the vulnerability is. But it's not actually limited to just client auth certificate negotiation apparently.

    H
  • Hamish

    Oh. I also have a case open with F5... They're asking ENE...

    H
  • Hamish

    I have an answer from F5.

    The answer itself was specific to 9.4.7, but there's no indication that it's different for any other version (Although I have asked). Because of the way they've implemented it, they're only vulnerable (For SSL Offload) if you have an iRule that explicitly does an SSL::renegotiate.

    They'll be publishing a SOL note in the next few days, possibly with same iRule code to work around the issue where SSL::renegotiate is necessary.

    H
  • Hi Hamish,

    Thanks for the info. So any iRule which requests a client cert by renegotiating the SSL handshake would potentially be susceptible? Interesting... I look forward to a solution on this.

    Aaron
  • Hamish: As outlined in the "Renegotiating TLS" paper, insertion is indeed possible even without the use of client certificate authentication. The real impact then depends on the application.

    To be on the safe side I opted to prevent mid-stream renegotiation altogether where possible.

    See also my iRule post: http://devcentral.f5.com/Default.aspx?tabid=53&forumid=5&postid=86456&view=topic