Re: [TLS] TLS and KCI vulnerable handshakes

2015-08-17 Thread Clemens Hlauschek
On 08/11/2015 02:05 PM, Peter Gutmann wrote:
> Clemens Hlauschek writes:
>
>> I published a paper today on KCI-attacks in TLS. This might be of interest to
>> the TLS WG.
>>
>> https://www.usenix.org/conference/woot15/workshop-program/presentation/hlauschek
>

Re: [TLS] TLS and KCI vulnerable handshakes

2015-08-11 Thread Clemens Hlauschek
On 08/11/2015 02:05 PM, Peter Gutmann wrote:
> Clemens Hlauschek writes:
>
>> I published a paper today on KCI-attacks in TLS. This might be of interest to
>> the TLS WG.
>>
>> https://www.usenix.org/conference/woot15/workshop-program/presentation/hlauschek
>

Re: [TLS] TLS and KCI vulnerable handshakes

2015-08-11 Thread Clemens Hlauschek
On 08/11/2015 07:59 PM, Martin Thomson wrote:
> On 11 August 2015 at 16:38, Clemens Hlauschek
> wrote:
>>> Maybe I should have been clearer. The certificate might not include a
>>> (strong) signal that allows the client to distinguish between ECDSA
>>> and fi

Re: [TLS] TLS and KCI vulnerable handshakes

2015-08-11 Thread Clemens Hlauschek
On 08/11/2015 05:06 PM, Martin Thomson wrote:
> On 11 August 2015 at 12:05, Ilari Liusvaara
> wrote:
>>> I don't see how that would work. A client that understands the cert
>>> to be ECDSA won't pair the key with the server's ECDH share, they will
>>> sign the session transcript with it.
>>
>>

[TLS] TLS and KCI vulnerable handshakes

2015-08-11 Thread Clemens Hlauschek
Hi, I published a paper today on KCI-attacks in TLS. This might be of interest to the TLS WG. https://www.usenix.org/conference/woot15/workshop-program/presentation/hlauschek Regards, Clemens