On 08/04/14 11:46, ianG wrote:
We have here a rare case of a broad break in a security protocol leading to compromise of keys.
On 2014-04-09 21:53, Alan Braggins wrote:
Though it's an implementation break, not a protocol break.
Not exactly. The protocol failed to define a response to nonsensical records. The bug was that the protocol responded to invalid records the same way as if they were valid.
The protocol should have said "a valid record shall satisfy the following requirements. Invalid records shall be silently discarded and all actions that depend on them silently terminated."
_______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
