Anyone have any more info on this?
Even just a CVE or 'fixed in' version would be helpful. http://www.isoc.org/isoc/conferences/ndss/12/program.shtml#1a
Plaintext-Recovery Attacks Against Datagram TLS Kenneth Paterson and Nadhem Alfardan We describe an efficient and full plaintext recovery attack against the OpenSSL implementation of DTLS, and an efficient, partial plaintext recovery attack against the GnuTLS implementation of DTLS. We discuss the reasons why these implementations are insecure, drawing lessons for secure protocol design and implementation in general.
Thanks, - Marsh _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography