Re: [TLS] Expanded alert codes. [Was Re: Genart last call review of draft-ietf-tls-tls13-24]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Ion Larranaga Azcue <ilarra@xxxxxxxxxx> writes:

>And for the malicious user that, knowing the server is currently in debug
>mode and returning extended errors, can more easily perform attacks on it....

If there's someone on the Internet who can scan every TLS server on the planet
once a minute to see a brief debug window open up, and then perform something
like a million-message-attack using a single debug message, then they're kinda
wasting their abilities in attacking TLS servers...

Peter.





[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Mhonarc]     [Fedora Users]

  Powered by Linux