Closed
Bug 790810
Opened 13 years ago
Closed 13 years ago
Turn off compression in SSL
Categories
(Firefox :: Untriaged, defect)
RESOLVED
INVALID
People
(Reporter: donrhummy, Unassigned)
Details
User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:15.0) Gecko/20100101 Firefox/15.0.1
Build ID: 20120905151427
Steps to reproduce:
Apparently there's an oracle in SSL compression that reveals information about the data, making it insecure. I don't know if Firefox implements SSL compression, but if it does, it better turn it off.
http://security.stackexchange.com/questions/19911/crime-how-to-beat-the-beast-successor/19914#19914
Actual results:
SSL compression treats it as one long stream, so compression is done on everything sent in the stream. An attacker can submit data like the headers, e.g. "Set-Cookie:0", and see how many bytes are actually sent (since if "Set-Cookie:0er4w3" is present, compression rules will send less data due to repeated strings) and thus start guessing the exact bytes in the cookie string (or other headers, etc.), just like how a padding oracle works.
Expected results:
No data should be leaked.
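The length side channel the report describes, as an added illustration that is not part of the bug report: a constructed response carrying a secret cookie is compressed in one zlib stream together with attacker-influenced text, and the size on the wire differs depending on whether that text repeats the secret. The last function checks the mitigation on the client side, namely that Python's default TLS context sets `OP_NO_COMPRESSION` (the cookie value and the guesses are constructed sample data).

```python
import ssl
import zlib

# Constructed sample: a secret header value that must not leak.
SECRET_COOKIE = b"Set-Cookie: session=7f3a9"


def compressed_len(secret: bytes, guess: bytes, compress: bool = True) -> int:
    """Bytes on the wire for (attacker text + secret) sharing one compression context.

    TLS-level compression works like this: everything in the record stream, headers
    and body alike, goes through a single compressor, so repeated substrings between
    attacker-influenced text and the secret shrink the output.
    """
    payload = guess + b"\r\n" + secret
    if not compress:
        # Compression disabled: the length depends only on the byte count, not on content.
        return len(payload)
    return len(zlib.compress(payload, 9))


def length_depends_on_guess(secret: bytes, good: bytes, bad: bytes, compress: bool = True) -> bool:
    """True when a guess that overlaps the secret yields a different wire length than one that does not.

    That dependency is exactly the oracle: the observer learns about the secret from
    the ciphertext length alone, without breaking the encryption.
    """
    return compressed_len(secret, good, compress) != compressed_len(secret, bad, compress)


def default_context_disables_compression() -> bool:
    """Mitigation check: does the default client TLS context refuse compression?"""
    ctx = ssl.create_default_context()
    return bool(ctx.options & ssl.OP_NO_COMPRESSION)


if __name__ == "__main__":
    overlapping = SECRET_COOKIE                      # repeats the secret verbatim
    unrelated = b"abcdefghijklmnopqrstuvwxy"        # same length, no shared substrings
    print("compressed, overlapping guess:", compressed_len(SECRET_COOKIE, overlapping))
    print("compressed, unrelated guess:  ", compressed_len(SECRET_COOKIE, unrelated))
    print("leaks with compression:", length_depends_on_guess(SECRET_COOKIE, overlapping, unrelated))
    print("leaks without compression:", length_depends_on_guess(SECRET_COOKIE, overlapping, unrelated, False))
    print("default TLS context disables compression:", default_context_disables_compression())
```

With compression off the two lengths are identical, which is why disabling TLS compression (as Firefox does) closes this channel for the TLS layer.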
Comment 1•13 years ago
Firefox does not use TLS compression. The functionality was added to our crypto library (shared with other projects, like web servers) but has never been turned on in Mozilla client products including Firefox.
Group: core-security
Status: UNCONFIRMED → RESOLVED
Closed: 13 years ago
Resolution: --- → INVALID
(In reply to Daniel Veditz [:dveditz] from comment #1)
> Firefox does not use TLS compression. The functionality was added to our
> crypto library (shared with other projects, like web servers) but has never
> been turned on in Mozilla client products including Firefox.
That's good to know. Is there any way to check if that functionality in the crypto library is used by anything?