Dear all, SSLv3 is busted once again. We need to fully disable it. The issue is an enhanced padding oracle attack discovered at Google. This is not timing based: there is no cure. Reconciliation with the result on MAC then encrypt security is left as an exercise to the reader.
Sincerely, Watson Ladd
_______________________________________________ Uta mailing list [email protected] https://www.ietf.org/mailman/listinfo/uta
