On 04.04.2013 23:52, Kevin Day wrote:
On Feb 1, 2013, at 5:09 PM, Andre Oppermann <an...@freebsd.org> wrote:
I'm working on a solution. Have to make sure that the chance to
crack a reduced cookie during its 30 seconds lifetime isn't too
high. That means involving our resident crypto experts for
verification.
Hey, Andre!
I know the security people have been pretty busy, but has there been
> any progress on this? We're still running into the occasional complaint
> with this issue.
Yes, there has been progress on a good fix for the issue. I've also
got excellent feedback from a couple of people on the cryptographic
properties of the new cookie approach. I shall be able to post a
patch for testing in the next days.
--
Andre
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
