TLS 1.3 Draft Prepares to Drop Static RSA Key Exchange 51
msm1267 (2804139) writes with a bit of news from last week that seems to have slipped under the radar. The IETF TLS working group has reached consensus on dropping static RSA cipher suites from TLS 1.3, instead requiring the use of Diffie-Hellman Exchange (or the faster ellipitic curve variant). Static DH and not just ephemeral DH key exchange will be supported, so not all connections will have forward secrecy. The consensus is subject to change before the final TLS 1.3 specification is released, and there are still details to be worked out. The changes to the draft are pending as a git pull request.
OpenSSL gets patch for another years old flaw (Score:2, Informative)
In other news [eweek.com], OpenSSL gets a 4-year-old flaw patched. The catch here is that the bug was not only 4 years in the codebase, but it was publicly reported (CVE-2010-5298 [nist.gov]) for 4 years, without no one taking the responsibility to fix it.
OpenBSD developer Ted Unangst made a detailed report [tedunangst.com] of the bug. It's not as severe as Heartbleed, but still allows remote attackers to inject data across sessions or cause a denial of service (use-after-free and parsing error) via an SSL connection in a multithreaded environment.
Re:Explained to a single digit year old (Score:2, Informative)
Nice and simple language, but factually all wrong. This has nothing to do with the NSA or the RSA.
The RSA in TFA is a cryptographic primitive. It should not be confused with the company RSA Security LLC, though both are named after the cryptographers Ron Rivest, Adi Shamir, and Len Adleman.
RSA is not considered broken or backdoored, but has some disadvantages compared to elliptic curve based alternatives, including lack of forward secrecy, and long key lengths at high security levels.