[Cryptography] LibreSSL unaffected by DROWN
Ray Dillinger
bear at sonic.net
Wed Mar 2 16:53:35 EST 2016
On 03/02/2016 12:20 PM, Yui Hirasawa wrote:
>> The emphasis has been on cleaning up the code and improving security,
>> which includes removing things such as SSL2 which has fundamental
>> security flaws.
>
> Something that doesn't have feature X is unaffected by an attack
> involving feature X!
>
Yep, complete non-story.
Backward compatibility is Backward. No surprise whatsoever.
Those who keep Stupid features in the codebase, get damaged
by Stupid attacks. Rinse, repeat. Nothing new except, maybe,
eventually, the learning of the lesson.
Bear
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20160302/a49c1708/attachment.sig>
More information about the cryptography
mailing list