Open Bug 861311 Opened 11 years ago Updated 2 years ago

limit false start when changing ALPN negotiated protocols

Tracking

()

Status:

NEW

People

(Reporter: mcmanus, Unassigned)

References

Details

(Whiteboard: [psm-backlog])

Patrick McManus [:mcmanus]

Reporter

Description

•

11 years ago

In the future, we should try to limit the potential for the attacker to
> choose the protocol in the same way we limit the attacker's ability to
> choose the cipher suite.


> 
> // XXX: An attacker can choose which protocols are advertised in the
> // NPN extension. [..] We should restrict the ability
> // of an attacker leverage this capability by restricting false start
> // to the same protocol we previously saw for the server, after the
> // first successful connection to the server.

Dana Keeler (she/her) (use needinfo) [:keeler] (on leave)

Updated

•

8 years ago

Whiteboard: [psm-backlog]

Dana Keeler (she/her) (use needinfo) [:keeler] (on leave)

Updated

•

7 years ago

Priority: -- → P3

Summary: limit false start when changing NPN/ALPN negotiated protocols → limit false start when changing ALPN negotiated protocols

BMO Automation

Updated

•

2 years ago

Severity: normal → S3

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

limit false start when changing ALPN negotiated protocols

Categories

(Core :: Security: PSM, enhancement, P3)

Tracking

()

People

(Reporter: mcmanus, Unassigned)

References

Details

(Whiteboard: [psm-backlog])

Crash Data

Security

(public)

User Story

Description

Updated

Updated

Updated