The day after Heartbleed, our core cryptography people met, I remember @pzb was there, and we did a few more things with the OpenSSL package. Amazon's OpenSSL has always been a bit different than the public one, but that day we created a new "hardened" branch.
-
-
All of this trouble for a feature that to this day I can't even think of a good use case for. This is one reason why "Don't do less well. Do less, well." resonates with me as a motto.
Show this thread -
That's my story for now, until I remember something I forgot. Thanks to everyone who moved mountains 5 years ago. I'm in JFK waiting to fly to Bucharest, so AMA!
Show this thread
End of conversation
New conversation -
-
-
I thought the purpose of the payloads was to allow stuffing the line with an arbitrary amount of traffic to defeat traffic analysis - SSH has something similar AIUI.
-
TLS1.3 has support for padding built-in now, but I don't think that's what Heartbeats were about. It's 4 and a half years since I read the old threads though!
End of conversation
New conversation -
-
-
While you are right so many networks block ICMP and prevent PMTUd working I can see why an alternate mechanism might have seemed like a good idea.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.