"New TLS Attack Lets Attackers Launch Cross-Protocol Attacks Against Secure Sites"
11 views
Skip to first unread message
Mark S. Miller
Jun 14, 2021, 1:41:36 PM6/14/21
to cap-talk, fr...@googlegroups.com
Relevance of https://thehackernews.com/2021/06/new-tls-attack-lets-attackers-launch.html ?
--
Cheers,
--MarkM
--MarkM
Tony Arcieri
Jun 15, 2021, 10:24:03 AM6/15/21
to cap-...@googlegroups.com, fr...@googlegroups.com
It's ultimately making the case for things like ALPN and SNI.
Although there's much simpler "doctor it hurts when I..." mitigations: don't reuse keys (and also don't use FTPS, but especially don't reuse keys for HTTPS and FTPS)
Tony Arcieri
Reply all
Reply to author
Forward
0 new messages