--- Begin Message ---
On Jul 4, 2022, at 4:49 PM, Ryan Castellucci via tcpdump-workers
wrote:
> 1) TLS compression support is a foot-bazooka, is exploitable in practice, and
> should be removed. A modified version of the CRIME[1] attack should be
> completely feasible. I can't imagine any
--- Begin Message ---
Hi,
I volunteered to add proper TLS certificate validation to libpcap and
tcpdump back in September, and now that I'm funemployed, I've felt
compelled to have a go at it. I've actually got it mostly working.
Before I get too deep into a patchset, I wanted to share a few
