On Nov 1, 2012, at 11:00 AM, Stephen Farrell <stephen.farr...@cs.tcd.ie> wrote:
> On 11/01/2012 05:22 PM, Phillip Hallam-Baker wrote:
>> Having worked in Web security over 20 years now, I have still to see a case
>> where a system was breached because of a really subtle design flaw.
>
> Bleichenbacher? Maybe.

By the time Bleichenbacher was actually an issue, a number of us had been screaming for years. I suppose you can say that it was really subtle because the people concerned about it weren't listened to. But that has its own ick factor, too.

Everything that people don't believe is subtle. Is it subtle that you shouldn't be using 1024 bit RSA keys? 512?

Jon

_______________________________________________
therightkey mailing list
therightkey@ietf.org
https://www.ietf.org/mailman/listinfo/therightkey