Open
Bug 861311
Opened 11 years ago
Updated 2 years ago
limit false start when changing ALPN negotiated protocols
Categories
(Core :: Security: PSM, enhancement, P3)
Tracking
()
NEW
People
(Reporter: mcmanus, Unassigned)
References
Details
(Whiteboard: [psm-backlog])
In the future, we should try to limit the potential for the attacker to > choose the protocol in the same way we limit the attacker's ability to > choose the cipher suite. > > // XXX: An attacker can choose which protocols are advertised in the > // NPN extension. [..] We should restrict the ability > // of an attacker leverage this capability by restricting false start > // to the same protocol we previously saw for the server, after the > // first successful connection to the server.
Whiteboard: [psm-backlog]
Priority: -- → P3
Summary: limit false start when changing NPN/ALPN negotiated protocols → limit false start when changing ALPN negotiated protocols
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•