d...@geer.org wrote: > | > | This is the first attack against TLS that I consider to be > | the real deal. To really fix it is going to require a change to > | all affected clients and servers. Fortunately, Eric Rescorla > | has a protocol extension that appears to do the job. > | > > ...silicon...
No-one in their right mind implements a protocol as complicated as TLS in silicon that they can't update. They may implement various building blocks in hardware, and connect them together with firmware. An update like this would "only" require changing the firmware, although that may be difficult enough. -- David-Sarah Hopwood ⚥ http://davidsarah.livejournal.com
Description: OpenPGP digital signature