[35653] in cryptography@c2.net mail archive
Re: mac os x safari ssl cipher suite
daemon@ATHENA.MIT.EDU (Eric Cronin)
Sat Aug 12 16:28:14 2006
X-Original-To: cryptography@metzdowd.com
In-Reply-To: <459b3dc0608110726s6f065570t8bf2184d31e56c6d@mail.gmail.com>
Cc: cryptography@metzdowd.com
From: Eric Cronin <ecronin@gizmolabs.org>
Date: Sat, 12 Aug 2006 14:03:36 -0400
To: Joe Cooley <joe.cooley@gmail.com>
On Aug 11, 2006, at 10:26 AM, Joe Cooley wrote:
> I recently inspected ssl packets from the following apps:
>
> firefox 1.5.0.6
> safari 2.0.4 (419.3)
> curl 7.15.4 with OpenSSL/0.9.7i
>
> I found that they list the following cipher suites during the client
> hello handshake protocol:
>
> (snippets from ethereal -V output...)
<snip>
> Safari only seems to support DES, 3DES, and RC4 ciphers. My question
> is this: should I be concerned about privacy when *_RC4_* is the
> negotiated suite, i.e., in my tests, safari used
> TLS_RSA_WITH_RC4_128_SHA? Firefox and curl used
> TLS_DHE_RSA_WITH_AES_256_CBC_SHA.
RC4 when used correctly (which I believe it is in TLS) should not
concern you much. What should concern you, however, is that Apple
has chosen to include a testing/debug NULL cipher in their production
(and completely unmodifiable w/o recompiling System.framework)
cipherlist:
> Cipher Suite: TLS_RSA_WITH_NULL_MD5 (0x0001)
This means that a malicious server can negotiate Safari into using no
encryption at all, while still providing all the GUI feedback of a
secure SSL connection...
For fun, fire off this command and visit localhost:4433 from both
firefox and safari, and look at the packet dumps in ethereal (use any
snakeoil server.* you have handy):
/usr/local/bin/openssl s_server -cert server.crt -key server.key -www \
  -cipher 'AES:TLSv1:ALL:NULL:!RC4-SHA:!RC4-MD5:!DES-CBC3-SHA:!DES-CBC-SHA:!EXP-RC4-MD5:!EXP-DES-CBC-SHA:!EXP-RC2-CBC-MD5'
I filed a bug with Apple on this back in February, I encourage others
to do so as well at http://radar.apple.com. Ask them to include the
AES ciphers while you're at it, it's only been 5 years or so since it
was standardized...
Thanks,
Eric