I've just come across the article "Successful timing attacks on elliptic curve cryptography" <http://www.h-online.com/security/news/item/Successful-timing-attacks-on-elliptic-curve-cryptography-1247772.html> and I am trying to figure out if the problem described affects Postfix and what I would need to do to get around it.
Does Postfix implement "time-independent functions for operations on elliptic curves" as recommended by the article or is this up to OpenSSL? p@rick -- All technical questions asked privately will be automatically answered on the list and archived for public access unless privacy is explicitely required and justified. saslfinger (debugging SMTP AUTH): <http://postfix.state-of-mind.de/patrick.koetter/saslfinger/>
