undefined | Better HN

0 pointsuserbinator9y ago0 comments

Rejecting anything it doesn't understand sounds like a bug to me.

It sounds like a perfectly reasonable behaviour if the goal is to "fail closed", to provide more security in a fashion similar to a whitelist.

If it sees that it's TLS, it should attempt a protocol downgrade.

I don't remember the exact details but I recall reading that TLS has a mechanism to prevent version downgrades, precisely to defend against such "attacks", so the connection would not succeed in that case either.

0 comments

5 comments · 4 top-level

tbrowbdidnso9y ago· 1 in thread

The TLS negotiation is mutual. Both endpoints tell each other what they support and they agree on a protocol that's mutually supported.

If merely advertising 1.3 while still advertising older versions causes blue coat to break, it has a bug in TLS version negotiation.

There is no downgrade or whitelist or failing closed. Each end says what they support and BlueCoat blows up the connection if it sees that the other end supports a newer version. It should say "oh we both support 1.2 let's use that" And apparently it's done this before so there's even less an excuse for it.

rocqua9y ago

This is apparently a problem when bluecoat is used in non-mitm mode. That probably means bluecoat is merely inspecting the initial handshake, not modifying it. That would imply it can't actually modify the handshake.

It then simply inspects a connection it doesn't understand and 'fails closed' by preventing that connection.

ademarre9y ago

> It sounds like a perfectly reasonable behaviour if the goal is to "fail closed", to provide more security in a fashion similar to a whitelist.

This reminds me of firewalls that weaken security by filtering unrecognized HTTP headers: https://news.ycombinator.com/item?id=12655180

coderobe9y ago

Client and Server exchange a list of capabilities at the beginning of a TLS connection, if the proxy just filters out the protocols/versions it doesn't understand, server/client will agree on a different version (like 1.2).

deathanatos9y ago

I've written a similar rebuttal to your sibling's comment here[1].

This isn't "failing closed", and this isn't a whitelist. TLS allows you to whitelist to certain versions of the protocol during the initial negotiation at the start of the protocol; that is the opportunity for either end to state what version of the protocol they'd like. It is not permissible in the protocol to close the connection as Blue Coat is doing.

This isn't a downgrade attack, either: both server and client are free to choose their protocol version at the beginning. The client & server will later verify that the actual protocol in use is the one they intended; this is what prevents downgrades.

[1]: https://news.ycombinator.com/item?id=13751737

j / k navigate · click thread line to collapse