I wrote a long blog post covering everything you ever wanted to know about Keyless SSLhttps://blog.cloudflare.com/keyless-ssl-the-nitty-gritty-technical-details/ …
-
-
Replying to @grittygrease
@grittygrease Good work. I am curious as to why the keyserver doesn't get to choose Serverhello.server_random.1 reply 0 retweets 0 likes -
Replying to @BRIAN_____
@BRIAN_____ This would require another roundtrip in the RSA case. It could be feasible in the DH case, though.3 replies 0 retweets 0 likes -
Replying to @grittygrease
@grittygrease In the RSA case, keyserver can batch send acceptable server_randoms to you, async. Guards against some interesting replays.2 replies 0 retweets 0 likes -
Replying to @BRIAN_____
@BRIAN_____ What's the threat model for these replay attacks?3 replies 0 retweets 0 likes
Replying to @grittygrease
@grittygrease Requiring the server_random to contain a timestamp that is sanity-checked by the keyserver would also help, but less.
3:26 PM - 19 Sep 2014
0 replies
0 retweets
0 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.