And, finally, if you look at some ~2007-era NIST documents about key exchange, they pretty much foreshadowed all TLS flaws discovered since.
-
-
-
care to clarify the foreshadowing?
-
Sure. Read http://csrc.nist.gov/publications/nistpubs/800-56A/SP800-56A_Revision1_Mar08-2007.pdf …. Compare TLS's key agreement scheme to the recommended schemes.
-
Basically, the NIST document tells you to use the Extended Master Secret Extension, except in 2007 instead of 2015.
-
Along the same lines: It's not NIST, but it was written before 2004: https://www.openssl.org/~bodo/tls-cbc.txt ….
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.