Watson Ladd <watsonbl...@gmail.com> writes:

>Do the RFCs require the relevant checks or not?

No, they just specify the algorithms and bits on the wire (with a side-order of MTI stuff for interoperability). It's up to implementers to not do stupid things.

>That's because real cryptographers understand that this is only 64 times
>better than SHA1, and so don't bother to mention it.

If it's so trivial to compromise then why, of all the many, many papers attacking TLS, has no-one ever published an attack based on this? In fact, since it's so easy, perhaps you could publish a paper demonstrating it in practice?

Peter.

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls