Skip to content
  1. Oct 21, 2013
    • Nick Mathewson's avatar
      Do not include a timestamp in the Client/ServerHello Random field. · 2016265d
      Nick Mathewson authored
      Instead, send random bytes, unless SSL_SEND_{CLIENT,SERVER}RANDOM_MODE
      is set.
      
      This is a forward-port of commits:
        4af79303
        f4c93b46
        3da721da
        25832701
      
      While the gmt_unix_time record was added in an ostensible attempt to
      mitigate the dangers of a bad RNG, its presence leaks the host's view
      of the current time in the clear.  This minor leak can help
      fingerprint TLS instances across networks and protocols... and what's
      worse, it's doubtful thet the gmt_unix_time record does any good at
      all for its intended purpose, since:
      
          * It's quite possible to open two TLS connections in one second.
      
          * If the PRNG output is prone to repeat itself, ephemeral
            handshakes (and who knows what else besides) are broken.
      2016265d
  2. Oct 20, 2013
  3. Oct 15, 2013
  4. Oct 14, 2013
  5. Oct 13, 2013
  6. Oct 12, 2013
  7. Oct 10, 2013
  8. Oct 09, 2013
  9. Oct 08, 2013
  10. Oct 07, 2013
  11. Oct 03, 2013
  12. Oct 02, 2013