Richard Levitte - VMS Whacker <[EMAIL PROTECTED]> writes:
> From: Doris Diedrich <[EMAIL PROTECTED]>
>
> dido> Nope, it doesn't.
> dido> As far as I know, SSL works on top of UDP too.
>
> Hmm, have you actually tested this? With the cipher DES-CBC3-SHA for
> example? Have you any idea what would happen if a packet was missing?
> Undetected?
Actually, out of order delivery or dropped packets are just
as bad with any cipher suite.
1. The stream ciphers behave as if they were encrypting a single
extended data stream, so the data will decrypt incorrectly.
2. The sequence number is implicit rather than in the packet
so that the MAC will fail.
-Ekr
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
