> On 30 Dec 2017, at 7:03, Peter Gutmann wrote:
>
> Jitendra Lulla writes:
>
>> The client can have a rogue TLS implementation with the following intentional
>> changes:
>>
>> 0. Choose CBC with AES256-SHA56 or any other heavier (in terms of processing
>> power requirements) and non parallel
> On Dec 30, 2017, at 12:38 AM, Peter Gutmann wrote:
>
> I think your idea in general is a good one, standards should include sanity
> limits on what you should and shouldn't accept (I've managed to cause crashes
> and reboots and whatnot on different servers by sending valid but unexpected
> d
Jitendra Lulla writes:
>But what if such records, from the same session, come in a quantity of 1
>or more per second which could be generated by uploading a 500 MB file by the
>client?
My comment was meant as a general observation on how hard anomaly-detection
is. At what point do you decide
!
On Sat, 12/30/17, Peter Gutmann wrote:
Subject: Re: [TLS] TLS 1.3 : small fragments attack
To: "tls@ietf.org" , "Jitendra Lulla"
Date: Saturday, December 30, 2017, 5:03 AM
Jitendra Lulla
writes:
>The client can have a
rogue TLS implementa
Jitendra Lulla writes:
>The client can have a rogue TLS implementation with the following intentional
>changes:
>
>0. Choose CBC with AES256-SHA56 or any other heavier (in terms of processing
>power requirements) and non paralleliz'able cipher suite.
>
>1. After the handshake, always send all th
