Hi,
As tls 1.3 is being worked upon, older work like rfc 6520 and any enhancements
to it may not be as important.
Also, particularly the TLS heartbeat feature, which has become famous for wrong
reasons, is disabled by the SSL implementations eg OpenSSL.
I tried to uncover an issue below pertai
Hi,
Is it possible for the standards/RFCs to dictate de-prioritization of certain
troublesome TLS processing patterns?
The RFCs
-- may suggest identification of such patterns,
-- may suggest implementation of certain low priority processing
queues/threads/executions.
Following is an example
!
On Sat, 12/30/17, Peter Gutmann wrote:
Subject: Re: [TLS] TLS 1.3 : small fragments attack
To: "tls@ietf.org" , "Jitendra Lulla"
Date: Saturday, December 30, 2017, 5:03 AM
Jitendra Lulla
writes:
>The client can have a
rogue TLS implementa
