Why didn't we spot that?

Abstract

The Secure Sockets Layer (SSL) protocol and its standards-track successor, the Transport Layer Security (TLS) protocol, were developed more than a decade ago and have generally withstood scrutiny in that the protocols themselves haven't been found to have security flaws. Marsh Ray and Steve Dispensa discovered a design flaw in the TLS protocol that affects all versions of the protocol up to and including the current version.Whereas the vulnerability itself is serious, it need not affect many deployments once administrators apply suitable patches to disable renegotiation, leaving TLS sufficiently secure in most cases because exploiting the vulnerability requires the attacker to be an active man-in-themiddle, redirecting traffic between victims (for example, a browser and a Web server). However, because security problems only ever get worse, a change to the protocol is required. The vulnerability is an interesting attack in itself, but perhaps more interesting is the question, why didn't we see this earlier? In this article, the author explore this question but, unfortunately, can't answer it. Hopefully, simply asking the question might prompt developers to re-examine assumptions they've forgotten they've even made.