On 4 October 2015 at 21:06, Eric Rescorla <e...@rtfm.com> wrote: > > Yes, if the attacker can provide their own data, it makes matters worse, > but as the reference I provided indicated, there are potential security > issues even if the attacker is not able to do so, provided that the data > is sufficiently redundant.
Sometimes, it's OK. Sometimes, not. Agreed. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
