TLS break

David-Sarah Hopwood david-sarah at
Wed Nov 11 18:58:45 EST 2009

dan at wrote:
>  | 
>  | This is the first attack against TLS that I consider to be
>  | the real deal. To really fix it is going to require a change to
>  | all affected clients and servers. Fortunately, Eric Rescorla
>  | has a protocol extension that appears to do the job.
>  | 
> ...silicon...

No-one in their right mind implements a protocol as complicated as TLS
in silicon that they can't update. They may implement various building
blocks in hardware, and connect them together with firmware. An update
like this would "only" require changing the firmware, although that may
be difficult enough.

David-Sarah Hopwood  ⚥

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 292 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the cryptography mailing list