From: Daniel Kalchev
To: Matthew Seaman
Cc: freebsd-current@freebsd.org
Subject: Re: GOST in OPENSSL_BASE
Date: Tue, 12 Jul 2016 12:59:35 +0300

> On 12.07.2016 г., at 12:12, Matthew Seaman wrote:
>
> I'm also curious as to how far these regulations are supposed to extend.
> Presumably traffic which is merely transiting Russian territory isn't
> covered, at least in a practical sense. How about people from Russia
> accessing foreign websites? I can't see any of the big Internet players
> implementing GOST in any locations outside Russia any time soon.
> Neither would I as a non-Russian have GOST capabilities client-side, so
> what happens if I go and look at say a YandX website over HTTPS? Putin
> and his advisors aren't stupid, and they'd already have considered all
> this; plus, as you say, the timetable is clearly impossible; so there
> must be something else going on here.

The standard HTTPS implementation is already sufficiently broken, with the door wide open by the concept of “multiple CAs”. The protocol design is flawed, as any CA can issue a certificate for any site. Applications are required to trust those certificates, as long as they trust the CA that issued them.

It is trivial to play MITM with this protocol and in fact, there are commercially available “solutions” for “securing one’s corporate network” that do exactly that. Some believe this is with the knowledge and approval of the corporation, but who is to say what the black box actually does and whose interests it serves?

There is of course an update to the protocol, DANE, that just shuts this door off. But… it faces heavy resistance, as its acceptance would mean the end of the lucrative CA business and the ability to intercept “secure” HTTPS communication. Those relying on the HTTPS flaws will never let it become widespread.

In summary — anyone can sniff HTTPS traffic. No need for any cipher backdoors here. Nor any need for GOST to be involved.
>
> Of course, now there's fairly good evidence that there's some sort of
> backdoor in the GOST ciphers, all bets are off on how long it will be
> until they get broken in a very public manner.
>

One can say the same for any other crypto. Plus, for some ciphers there is already evidence... yet they are still in use.

But, a good show is always worth it. Let’s watch for those heroes. :)

Daniel
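The DANE check mentioned in the message, as an added example that is not part of the original e-mail: an RFC 6698 TLSA match for usage 3 (DANE-EE), run against two constructed certificates for the same name issued under different CAs. The helper names, CA names and keys are made up for illustration, and DNSSEC validation of the TLSA record is assumed to have happened already.

```python
import hashlib

def der(tag, *parts):
    """Encode one DER TLV; used only to build the constructed sample certificates."""
    body = b"".join(parts)
    raw = len(body).to_bytes((len(body).bit_length() + 7) // 8 or 1, "big")
    return bytes([tag]) + (raw if len(body) < 0x80 else bytes([0x80 | len(raw)]) + raw) + body

def make_cert(issuer_cn, key):
    """Constructed, unsigned X.509-shaped DER for www.example.org (not a real cert)."""
    alg = der(0x30, der(0x06, b"\x2b\x65\x70"))                    # id-Ed25519
    name = lambda cn: der(0x30, der(0x31, der(0x30, der(0x06, b"\x55\x04\x03"), der(0x0C, cn))))
    validity = der(0x30, der(0x17, b"160101000000Z"), der(0x17, b"170101000000Z"))
    spki = der(0x30, alg, der(0x03, b"\x00" + key))
    tbs = der(0x30, der(0xA0, der(0x02, b"\x02")), der(0x02, b"\x01"), alg,
              name(issuer_cn), validity, name(b"www.example.org"), spki)
    return der(0x30, tbs, alg, der(0x03, b"\x00" + bytes(64)))     # dummy signature

def tlv(buf, off):
    """Read one DER TLV header at off; return (tag, value_start, value_end)."""
    tag, length, off = buf[off], buf[off + 1], off + 2
    if length & 0x80:                                              # long-form length
        n = length & 0x7F
        length, off = int.from_bytes(buf[off:off + n], "big"), off + n
    return tag, off, off + length

def spki_of(cert):
    """Walk Certificate -> tbsCertificate and return the raw SubjectPublicKeyInfo."""
    pos = tlv(cert, tlv(cert, 0)[1])[1]        # enter Certificate, then tbsCertificate
    # Skip [0] version (if present), serial, sigAlg, issuer, validity, subject.
    for _ in range(6 if cert[pos] == 0xA0 else 5):
        pos = tlv(cert, pos)[2]
    return cert[pos:tlv(cert, pos)[2]]

def tlsa_matches(rdata, cert):
    """RFC 6698 match for usage 3 (DANE-EE); rdata = usage, selector, mtype, data."""
    usage, selector, mtype, data = rdata[0], rdata[1], rdata[2], rdata[3:]
    if usage != 3 or selector not in (0, 1) or mtype not in (0, 1, 2):
        return False            # other usages need chain building, not shown here
    selected = cert if selector == 0 else spki_of(cert)
    if mtype:                   # 1 = SHA-256, 2 = SHA-512, 0 = exact bytes
        selected = (hashlib.sha256, hashlib.sha512)[mtype - 1](selected).digest()
    return selected == data

# Constructed sample data: two certificates for the same name from different CAs.
legit = make_cert(b"Example CA One", bytes(range(32)))        # deployed by the site
rogue = make_cert(b"Example CA Two", bytes(range(32, 64)))    # issued by another CA
tlsa = bytes([3, 1, 1]) + hashlib.sha256(spki_of(legit)).digest()   # "3 1 1" RDATA
```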