BEAST and SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 18/08/2015 23:06, jonetsu wrote:
> OK.  So this means that the SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS is not the
> solution for the BEAST attack.  Is there a solution while keeping TLS 1.0
> and SSL v3.0 ?
>
> Thanks.
The solution is NOT setting
SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS and hoping the other
end doesn't have whatever bug caused the OpenSSL team to
disable the workaround by default.

Enjoy

Jakob
-- 
Jakob Bohm, CIO, Partner, WiseMo A/S.  http://www.wisemo.com
Transformervej 29, 2860 S?borg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux