What was SSL 1.0?

15


SSL 2.0 and 3.0 are well known and well documented. But what was the SSL 1.0 protocol like? Wikipedia says there was an SSL 1.0 but says nothing about how it worked. Why was SSL 1.0 replaced/superseded? Did it have security flaws? If so, what were they?

asked by D.W. 02.09.2013 - 03:50

4 answers

10

A quote from SSL and TLS: Theory and Practice - Rolf Oppliger says:

Netscape Communications started to develop the SSL protocol soon after the National Center for Supercomputing Applications (NCSA) released Mosaic 1.0--the first popular Web browser--in 1993. Eight months later, in the middle of 1994, Netscape Communications already completed the design for SSL version 1 (SSL 1.0). This version circulated only internally (i.e., inside Netscape Communications), since it had several shortcomings and flaws. For example, it didn't provide data integrity protection. In combination with the use of the stream cipher RC4 for data encryption, this allowed an adversary to make predictable changes to the plaintext messages. Also, SSL 1.0 did not use sequence numbers, so it was vulnerable to replay attacks. Later on, the designers of SSL 1.0 added sequence numbers and checksums, but still used an overly simple cyclic redundancy check (CRC) instead of a cryptographically strong hash function that is one-way and collision-resistant.

This and a few other problems had to be resolved, and at the end of 1994 Netscape Communications came up with SSL version 2 (SSL 2.0).

answered 02.09.2013 - 08:19
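As an added example (not from the question, this answer, or any SSL implementation), the following Python reproduces two of the weaknesses the quote describes on a toy record format: under a stream cipher with no MAC, XOR-ing a delta into the ciphertext makes the same predictable change to the plaintext, and appending a CRC-32 to the plaintext before encryption does not detect it, because CRC-32 is linear over XOR and the attacker can compute the matching CRC delta. The same tampering against an HMAC-SHA256 tag is rejected. The RC4 routine, the keys, the messages and the record layout (message followed by a 4-byte CRC-32 or a 32-byte HMAC tag, then RC4-encrypted) are constructed for this demonstration and are not SSL 1.0's actual format, which the page does not document; RC4 appears only because the quote names it.

```python
"""Added example, not from the original post or from any SSL implementation.

Two of the SSL 1.0 weaknesses the Oppliger quote describes, reproduced on a
toy record format (constructed here, not SSL 1.0's real layout):
  1. a stream cipher (RC4) with no MAC lets an attacker make predictable
     plaintext changes by XOR-ing the same delta into the ciphertext;
  2. appending a CRC-32 before encryption does not help, because CRC-32 is
     linear over XOR, so the attacker can compute the matching CRC delta.
A keyed hash (HMAC-SHA256) in place of the CRC stops the same tampering.
RC4 is used only because the quote names it; it is a broken cipher.
"""
import hashlib
import hmac
import zlib


def rc4_keystream(key: bytes, length: int) -> bytes:
    """Textbook RC4 key scheduling + PRGA, for the demonstration only."""
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    out = bytearray()
    i = j = 0
    for _ in range(length):
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) & 0xFF])
    return bytes(out)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def rc4_crypt(key: bytes, data: bytes) -> bytes:
    return xor_bytes(data, rc4_keystream(key, len(data)))


def crc_tag(msg: bytes) -> bytes:
    return zlib.crc32(msg).to_bytes(4, "big")


def seal_crc(key: bytes, msg: bytes) -> bytes:
    """Toy 'CRC-only' record: RC4(msg || CRC32(msg)). No MAC, no sequence number."""
    return rc4_crypt(key, msg + crc_tag(msg))


def open_crc(key: bytes, record: bytes):
    body = rc4_crypt(key, record)
    msg, tag = body[:-4], body[-4:]
    return msg if crc_tag(msg) == tag else None


def seal_hmac(enc_key: bytes, mac_key: bytes, msg: bytes) -> bytes:
    """Hardened record: RC4(msg || HMAC-SHA256(mac_key, msg))."""
    tag = hmac.new(mac_key, msg, hashlib.sha256).digest()
    return rc4_crypt(enc_key, msg + tag)


def open_hmac(enc_key: bytes, mac_key: bytes, record: bytes):
    body = rc4_crypt(enc_key, record)
    msg, tag = body[:-32], body[-32:]
    expected = hmac.new(mac_key, msg, hashlib.sha256).digest()
    return msg if hmac.compare_digest(expected, tag) else None


def forge_crc_record(record: bytes, delta: bytes) -> bytes:
    """Attacker side: knows the ciphertext and the XOR difference between the
    plaintext it expects and the plaintext it wants, but not the key.
    Because crc(a ^ b) == crc(a) ^ crc(b) ^ crc(zeros), the CRC of the new
    message differs from the old one by crc(delta) ^ crc(zeros); that value is
    XOR-ed into the encrypted CRC bytes so the check still passes."""
    crc_delta = zlib.crc32(delta) ^ zlib.crc32(bytes(len(delta)))
    return xor_bytes(record, delta + crc_delta.to_bytes(4, "big"))


def demo():
    enc_key = b"constructed rc4 key"      # constructed demo keys
    mac_key = b"constructed mac key"
    original = b"PAY alice 0100 USD"      # constructed plaintext
    wanted = b"PAY alice 9100 USD"        # same length; one digit differs
    delta = xor_bytes(original, wanted)

    # CRC record: the forged record decrypts and passes the CRC check.
    forged = forge_crc_record(seal_crc(enc_key, original), delta)
    crc_accepts = open_crc(enc_key, forged)              # b"PAY alice 9100 USD"

    # HMAC record: the same message flips (tag left alone) are rejected.
    tampered = xor_bytes(seal_hmac(enc_key, mac_key, original), delta + bytes(32))
    hmac_accepts = open_hmac(enc_key, mac_key, tampered)  # None
    return crc_accepts, hmac_accepts


if __name__ == "__main__":
    print(demo())
```

Running the block prints `(b'PAY alice 9100 USD', None)`: the receiver that trusts the CRC accepts the altered amount, the receiver that checks an HMAC rejects it. The replay weakness the quote also mentions (no sequence numbers) is not shown here; it is independent of the tag choice and is fixed by binding a per-connection counter into the MAC input.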
5

Phillip Hallam-Baker wrote:

The actual history of SSL was that SSL 1.0 was so bad that Alan Schiffman and myself broke it in ten minutes when Marc Andreessen presented it at the MIT meeting.


However, no further details were given about exactly what the flaws were.

answered 06.10.2013 - 09:28
1

SSL 1.0 -> around 1994 with Mosaic, thrown in the trash a year later for SSL 2.0. So SSL 1.0 was the first draft, with no RFC, very Mosaic-centric.

answered 02.09.2013 - 08:07
-2

Unfortunately SSLv1 is not dead yet. OpenSSL still supports v1 for root certificates, e.g. in crypto/x509v3/v3_purp.c. Warning, scary comment ahead!

static int check_ca(const X509 *x)
{
        /* keyUsage if present should allow cert signing */
        if(ku_reject(x, KU_KEY_CERT_SIGN)) return 0;
        if(x->ex_flags & EXFLAG_BCONS) {
                if(x->ex_flags & EXFLAG_CA) return 1;
                /* If basicConstraints says not a CA then say so */
                else return 0;
        } else {
                /* we support V1 roots for...  uh, I don't really know why. */
                if((x->ex_flags & V1_ROOT) == V1_ROOT) return 3;
                /* If key usage present it must have certSign so tolerate it */
                else if (x->ex_flags & EXFLAG_KUSAGE) return 4;
                /* Older certificates could have Netscape-specific CA types */
                else if (x->ex_flags & EXFLAG_NSCERT
                         && x->ex_nscert & NS_ANY_CA) return 5;
                /* can this still be regarded a CA certificate?  I doubt it */
                return 0;
        }
}
answered 03.09.2013 - 19:56
