> Can anyone explain the vulnerability?
A handful of links
Here's the timeline, a public document:
https://plus.google.com/u/0/+MarkJCox/posts/L8i6PSsKJKs
And this blog entry from the guy who found the bug. BTW, it's 16 years old.
http://ccsinjection.lepidum.co.jp/blog/2014-06-05/CCS-Injection-en/index.html
Adam Langley's writeup full of technical and protocol details
https://www.imperialviolet.org/2014/06/05/earlyccs.html
--
Principal Security Engineer
Akamai Technologies, Cambridge, MA
IM: rs...@jabber.me; Twitter: RichSalz
