Re: Handling NULL key exchange for NULL_ ciphersuite

Rodney Thayer writes:
> 
> There is an argument that says that TLS_NULL_WITH_NULL_NULL should
> definitely be implemented in production TLS implementations.  It is useful
> for troubleshooting.  Presumably such an implemenation would employ
> warnings, blinking lights, sirens, loud warnings, extra user prompts, or
> whatever it takes to ensure it was only used for testing.

Yea.  However in my experience writing two different SSL3 implementations
it's the handshake that's the hardest part to get right.  Getting the
record-layer stuff correct is easy in comparison.  In fact the
way I've designed my SSLv3 code has required getting the record
layer right before I can even get to the handshake stuff... I
think that the TLS spec strongly encourages this type of design.

So, I agree it'd be useful, but I don't think its useful enough
to offset the possible security hole it opens.



-- 
Eric Murray  ericm@lne.com  ericm@motorcycle.com  http://www.lne.com/ericm
PGP keyid:E03F65E5 fingerprint:50 B0 A2 4C 7D 86 FC 03  92 E8 AC E6 7E 27 29 AF

Received on Friday, 31 January 1997 13:00:16 UTC