Integrity is busted too #11

Merged
merged 1 commit into from
Apr 26, 2024
8 changes: 4 additions & 4 deletions draft-ietf-tls-keylogfile.md
Expand Up @@ -207,10 +207,10 @@ label "CLIENT_RANDOM" to identify the "master" secret for the connection.
# Security Considerations {#security}

Access to the content of a file in SSLKEYLOGFILE format allows an attacker to
break the confidentiality protection on any TLS connections that are included in
the file. This includes both active connections and connections for which
encrypted records were previously stored. Ensuring adequate access control on
these files therefore becomes very important.
break the confidentiality and integrity protection on any TLS connections that
are included in the file. This includes both active connections and connections
for which encrypted records were previously stored. Ensuring adequate access
control on these files therefore becomes very important.

Implementations that support logging this data need to ensure that logging can
only be enabled by those who are authorized. Allowing logging to be initiated
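
Review bot: In the rewritten first sentence of Security Considerations, "confidentiality and integrity protection" is followed directly by "This includes both active connections and connections for which encrypted records were previously stored", which reads as though the integrity loss applies equally to stored records. Integrity loss matters for active connections, where a holder of the logged secrets can forge or alter records; for previously stored records the exposure is decryption. Consider splitting the second sentence so each property is tied to the case it affects, and consider stating the forgery risk explicitly so the reason for adding "integrity" is clear to readers.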