On 1 November 2012 18:38, Phillip Hallam-Baker <hal...@gmail.com> wrote:
> Again, does it appear so subtle after it has been discovered?

Well, I find I have to remind myself how it works. So ... yeah.

Also, I assumed Bliechanbacher was the exponent 3 thing, which was
also pretty subtle.

>
> Would the flaw have been discovered sooner if there was not so much dead
> code?

I don't think dead code had any influence on either of these.

>
>
> On Thu, Nov 1, 2012 at 2:35 PM, Ben Laurie <b...@google.com> wrote:
>>
>> On 1 November 2012 18:00, Stephen Farrell <stephen.farr...@cs.tcd.ie>
>> wrote:
>> >
>> >
>> > On 11/01/2012 05:22 PM, Phillip Hallam-Baker wrote:
>> >> Having worked in Web security over 20 years now, I have still to see a
>> >> case
>> >> where a system was breached because of a really subtle design flaw.
>> >
>> > Bleichenbacher?
>>
>> TLS renegotiation?
>>
>> >
>> > S.
>> > _______________________________________________
>> > therightkey mailing list
>> > therightkey@ietf.org
>> > https://www.ietf.org/mailman/listinfo/therightkey
>
>
>
>
> --
> Website: http://hallambaker.com/
>
_______________________________________________
therightkey mailing list
therightkey@ietf.org
https://www.ietf.org/mailman/listinfo/therightkey

Reply via email to