Guido, I'm working from <http://extendedsubset.com/Renegotiating_TLS.pdf>. I believe geremy is right. The current SSL module does not expose much of the SSL API, so servers implemented in Python, using it, should (fortuituously) be immune to the some of the attacks outlined, simply because there's no way to do an application-initiated renegotiation, which the first two scenarios presuppose. On the other hand, there's no way to do application-directed session resumption, either, which might be a good add to support new or updated application protocols which address this problem. So I think there's not much we can do in Python source code to address this, unless there's a switch we can throw in the existing OpenSSL API to turn off renegotiation completely. I'll look, and I'll talk this over with our security group. Building binaries with newer versions of OpenSSL is pretty much always a good idea, it seems to me. More generally, this is a nice description of how simply layering TLS onto existing application protocols like HTTP doesn't always work very well. Bill
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4