Closed Bug 672836 Opened 13 years ago Closed 11 years ago

PSM does insecure TLS -> SSL 3.0 fallback in too many situations

Categories

(Core :: Security, defect)

Product:
Core
Component:
Security
Version:
6 Branch
Platform:
All
Other
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED WORKSFORME

People

(Reporter: briansmith, Unassigned)

References

Details

+++ This bug was initially created as a clone of Bug #672749 +++

User Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.17) Gecko/20110420 (CK-bz-1.2) Firefox/3.6.17
Build ID: 20110420140830

Steps to reproduce:

Connect to a HTTPS site through a Bluecoat ProxySG device.


Actual results:

The TLSv1 Client Hello lists cipher suite TLS_EMPTY_RENEGOTIATION_INFO_SCSV (0x00FF) first. This causes the proxy to respond with an Alert: Warning, Unrecognized Name (0x0170). This in turn causes Firefox to restart the request with a SSLv3 Client Hello. 

Expected results:

The insecure SSL 3.0 fallback should not be triggered. The SSL 3.0 fallback should only be triggered due to timeouts or other specific conditions that are known to be due to TLS intolerance, to minimize version rollback attacks.
The problem of TLS_EMPTY_RENEGOTIATION_INFO_SCSV causing TLS intolerance fallback should have been resolved by bug 549042 which landed in mozilla-central in bug 898431. Other cases are being handled in bug 689814 and the bugs it depends on. Resolving WORKSFORME.
Status: NEW → RESOLVED
Closed: 11 years ago
Depends on: 898431, 549042
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.