In association with heise online

Between browsers and servers

The Secure Sockets Layer (SSL) protects HTTPS connections, as does its successor, Transport Layer Security (TLS). Both are based on a hybrid method: the client and server first agree on a key exchange procedure, then coordinate which methods they will use for authentication, key exchange and the symmetric encryption of the session.

Two key exchange methods are possible: Diffie-Hellman, or sharing a random symmetric key via RSA. In the key exchange, the client and server negotiate a joint "master secret" from which they derive the session keys for the TLS connection. If the two communication partners agree to use RSA to share keys, the client calculates the master secret. If the client's random number generator suffers from the Debian bug, the secret it produces is predictable and the connection is unsafe as well.

It is hard to say whether a recorded HTTPS session is vulnerable, because that depends on the negotiated encryption parameters. Firefox and Mozilla use their own crypto libraries and are therefore not a risk factor on Debian systems. That mainly leaves connections to web servers that used a vulnerable OpenSSL library together with Diffie-Hellman. The same applies to other applications that use SSL/TLS for encryption and/or authentication.

X.509 certificates are also used for mail exchanges protected by S/MIME. These certificates are embedded in the email within a CMS structure (Cryptographic Message Syntax, RFC 3852, based on PKCS#7 1.5). In principle, an attacker who holds an S/MIME certificate whose key pair is based on weak key material can generate digital signatures in the holder's name or read encrypted messages addressed to the holder.

But S/MIME is also a hybrid method. The sender generates a random symmetric key and uses it to encrypt the message, then encrypts that symmetric key with the recipient's public key and packs the result into the CMS structure. If this encryption operation is performed on a vulnerable Debian system, attackers can read the encrypted message even if the X.509 certificates involved are based on secure keys, because the symmetric key itself is predictable. However, both Thunderbird and Evolution use Mozilla's Network Security Services (NSS), which is not affected.
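To make the point of the two hybrid-scheme paragraphs above concrete (RSA key transport in TLS and the S/MIME content key), here is an added toy model that is not from the article or from OpenSSL: the symmetric key comes from a PRNG whose only seed is the process ID, so a passive observer who knows a few bytes of the plaintext header can recover the message by trying every possible seed, without ever touching the recipient's (secure) RSA key; the same search fails against an OS-seeded key. The stream cipher, the seed range, the PID and the message are constructed stand-ins.

```python
import hashlib
import os
import random
from typing import Optional

# Constructed model of the Debian OpenSSL weakness (not OpenSSL's code): the only entropy
# reaching the PRNG is the process ID, so at most a few tens of thousands of keys can occur.
PID_RANGE = range(1, 32768)


def keystream(key: bytes, length: int) -> bytes:
    """Toy stream cipher (SHA-256 in counter mode) standing in for the session/content cipher."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def symmetric_encrypt(key: bytes, plaintext: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(plaintext, keystream(key, len(plaintext))))


symmetric_decrypt = symmetric_encrypt  # XOR with the keystream is its own inverse


def weak_session_key(pid: int) -> bytes:
    """Vulnerable case: the 128-bit key is fully determined by the PID used as seed."""
    return random.Random(pid).getrandbits(128).to_bytes(16, "big")


def strong_session_key() -> bytes:
    """Fixed case: the key is drawn from the operating system's entropy pool."""
    return os.urandom(16)


def recover_weak_session(ciphertext: bytes, known_prefix: bytes) -> Optional[bytes]:
    """Recover a weakly keyed message from the ciphertext alone: try every seed the PRNG
    could have had and keep the one whose plaintext starts with the expected header.
    The RSA-encrypted copy of the key is never needed, so secure certificates do not help."""
    for pid in PID_RANGE:
        key = weak_session_key(pid)
        if symmetric_decrypt(key, ciphertext[: len(known_prefix)]) == known_prefix:
            return symmetric_decrypt(key, ciphertext)
    return None


# Constructed sample: an S/MIME-like body encrypted by a sender running the weak PRNG.
MESSAGE = b"Content-Type: text/plain\r\n\r\nQuarterly figures attached."
SENDER_PID = 4711
WEAK_CIPHERTEXT = symmetric_encrypt(weak_session_key(SENDER_PID), MESSAGE)
```

Running `recover_weak_session(WEAK_CIPHERTEXT, b"Content-Type: ")` returns the message, while the same call on a ciphertext produced with `strong_session_key()` returns `None`.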

Permalink: http://h-online.com/-746211