Ion Larranaga Azcue <ilarra@xxxxxxxxxx> writes: >And for the malicious user that, knowing the server is currently in debug >mode and returning extended errors, can more easily perform attacks on it.... If there's someone on the Internet who can scan every TLS server on the planet once a minute to see a brief debug window open up, and then perform something like a million-message-attack using a single debug message, then they're kinda wasting their abilities in attacking TLS servers... Peter.
