Well so is Akamai, among other things :) I can posit that yes, TLS DoS is happening. Not sure how valuable that is.
--
Principal Security Engineer
Akamai Technologies, Cambridge, MA
IM: [email protected]; Twitter: RichSalz

-----Original Message-----
From: Yaron Sheffer [mailto:[email protected]]
Sent: Tuesday, May 27, 2014 3:38 PM
To: Salz, Rich; Ralph Holz; [email protected]
Subject: Re: [Uta] Real draft-ietf-uta-tls-bcp Feedback

With respect, Arbor Networks (the article cited below) are anti-DDoS vendors...

Thanks,
Yaron

On 05/27/2014 05:39 PM, Salz, Rich wrote:
>> Yes, but then we are again at the point that weaker devices will be at a
>> disadvantage, and that we are burning CPU power for nothing.
>
> If the choice is failure to connect because the server has to push off some
> load, versus a delayed connection...
>
>> But I could be wrong. Do we actually have evidence of DoS via TLS?
>
> Yes. Here's one
> http://www.arbornetworks.com/asert/2012/04/ddos-attacks-on-ssl-something-old-something-new/
>
> --
> Principal Security Engineer
> Akamai Technologies, Cambridge, MA
> IM: [email protected]; Twitter: RichSalz
>
> _______________________________________________
> Uta mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/uta
>
_______________________________________________
Uta mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/uta
