TLS Man-In-The-Middle Vulnerability
Marcus Griep
tormaster at xpdm.us
Thu Nov 5 20:46:28 UTC 2009
The ITEF Network Working Group has already begun drafting a new extension to
TLS: Renegotiation Indication.
https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt
--
Marcus Griep
——
Ακακια את.ψο´, 3°
On Thu, Nov 5, 2009 at 2:10 PM, Marcus Griep <tormaster at xpdm.us> wrote:
> Don't know if any one else has seen or taken a look at this. I don't know
> if this affects Tor, though I believe that we do use certificate
> renegotiation in the protocol, and that is the entry vector for this
> particular vulnerability:
>
> "TLS Man-in-the-middle on renegotiation vulnerability made public"
> http://isc.sans.org/diary.html?storyid=7534
> --
> Marcus Griep
> ——
> Ακακια את.ψο´, 3°
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20091105/7ed5911a/attachment.htm>
More information about the tor-talk
mailing list