[Pkg-gnutls-maint] Bug#402861: Bug#390712: Nokia/Ericsson MAC padding problem

[Marc Haber]

On Mon, Feb 04, 2008 at 12:09:17PM +0100, Simon Josefsson wrote:
> I believe we have identified that the problem in this bug is the MAC
> padding.  We brought this up on the IETF TLS list:
> 
> http://thread.gmane.org/gmane.ietf.tls/3079
> 
> Pasi forwarded this to the Symbian TLS team, and my understanding is
> that it is a known bug with the Symbian TLS implementation.

At least we know who's at fault here.

> GnuTLS won't change the default to cater with broken implementations, at
> least not without more justification that it is a widespread problem.  I
> think this bug can be resolved as 'wontfix'.

I agree.

> I recommend that applications offer a way to set the GnuTLS priority
> string in a configuration file, and to default it to 'NORMAL'.  It is
> extra good if the application allows users to set the GnuTLS priority on
> a per-IP basis, so that administrators doesn't have to decrease security
> to cater for a few broken devices.

Since mobile phones usually connect with a dynamic IP address, this
will most probably end up with a 0.0.0.0/0.0.0.0 netmask though.

> Given this, I think gnutls has done what it can about this bug, and it
> might be appropriate to even close it, rather than leaving it in
> wontfix.
> 
> Is there anything more we can do about this bug?  Suggestions are most
> welcome.

I'd love to have some permanent reference that can be found by Symbian
device owners and referenced in response to new bug reports.

Greetings
Marc

-- 
-----------------------------------------------------------------------------
Marc Haber         | "I don't trust Computers. They | Mailadresse im Header
Mannheim, Germany  |  lose things."    Winona Ryder | Fon: *49 621 72739834
Nordisch by Nature |  How to make an American Quilt | Fax: *49 3221 2323190