Forum

TLS downgrade attack notification

Marius Dinu
17 October 2015, 01:16
Hi.
Is it possible to detect a downgrade attack as it takes place, before sending any website content on that downgraded connection? Can a web server notify it's client about this?
I know that HTTP(S) is stateless, but can a webserver "know" if a client connected before using a stronger encryption before sending any content on the current connection?

PS:
A very interesting article here: weakdh.org/imperfect-forward-secrecy-ccs15.pdf
Hugo Leisink
18 October 2015, 19:50
No, not that I'm aware of. But you can simply mitigate the downgrade attack by not offering insecure ciphers. A CGI script can see what cipher was used via the TLS_CIPHER environment variable.
This topic has been closed.