[Cryptography] CVE-2015-0205 anyone?
Erwan Legrand
erwan at lightbringer.org
Tue Jan 27 12:42:29 EST 2015
Hi,
Can anyone make sense of the announcement for CVE-2015-0205, an
alleged security flaw in OpenSSL?
Here is what the announcement says:
> An OpenSSL server will accept a DH certificate for client authentication without the certificate verify message. This effectively allows a client to authenticate without the use of a private key. This only affects servers which trust a client certificate authority which issues certificates containing DH keys: these are extremely rare and hardly ever encountered.
It seems to me that accepting DH certificates from the client without
a Certificate Verify message is expected, since DH certificates have
no signing capability. A quick search in any of the TLS RFC's or in
the SSLv3 spec appears to confirm this.
I had a look at the fix for this vulnerability and it appears to add a
requirement for a Certificate Verify message even if the client cert
is a DH cert which as I see it is a violation of the SSLv3 spec and
all TLS RFCs and insures that DH certs can no longer be used by
clients connecting to OpenSSL servers from now on.
Did I miss something?
Erwan
PS: I do realize that probably nobody cares because nobody uses DH certs.
More information about the cryptography
mailing list