Re: [Bug-wget] please remove SSLv3 from being used until explicitly specified

[Christoph Anton Mitterer]

On Thu, 2014-10-16 at 21:34 +0200, Ángel González wrote: 
> First of all, note that wget doesn't react to a disconnect with a 
> downgraded retry thus
> it is mainly not vulnerable to poodle (you could only use CVE-2014-3566 
> against servers
> not supporting TLS).
> 
> Then, even in that case, as an attacker won't be able to dynamically 
> connect in the
> background to another site, explotaition would be much harder (something 
> like a
> recursive download on an attacker-controlled server (such as http) which 
> is redirecting
> _some_ requests to the https target). For little gaining, as it's very 
> unlikely that such
> wget would hold any secret for that server connection (I think you would 
> need to use
> --load-cookies with a file shared with another -sensitive- batch 
> processing).

Thanks for trying that out...
But often when such issues are found, no long afterwords people can
attack it even more and what seems impossible right now may be possible
then.

Just look at the whole black magic to defend SSL against all the
CBC/padding, MtE, lucky13 and further attacks... they fixed it and some
time later the attacks where improved and the same issues where back.

That's why I think SSLv3 should be no longer used, even if wget isn't
that strongly exposed to attacks.
Also one cannot say that people who depend on it wouldn't have had their
time to move on to TLSv1.x... that SSLv3 will/should be phased out, is
clear for years.
So I feel, better proactively disable it (even if not yet necessary) and
affect those who haven't done their homework, instead of waiting too
long and let those suffer who did.


Cheers,
Chris.

smime.p7s
Description: S/MIME cryptographic signature