On Tue, 2014-10-21 at 13:42 +0000, Aamir Ahmed -X (amiahmed) wrote: > Your understanding is correct David. Is there any NIST CVEs that was > filled to track this? No. It's not really something that's worthy of a CVE. It's just a fundamental design flaw in the whole approach. -- dwmw2 -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 5745 bytes Desc: not available URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20141027/b351dfc7/attachment.bin>
