> Instead of raising the limit of client key exchange message length more than 2048, why can't we add the
> "ssl3_check_client_hello" functionality in the ssl/s3_srvr.c because that will "permit appropriate message length".

The DoS issue is still there. How can you prevent the "other side" from consuming all your CPU with a large key? Who needs 16K RSA keys, such that openssl by default should support that for everyone?