You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We should defend against new triple handshake attacks on TLS. I would suggest just disabling session resumption; this is easier to test than testing if session resumption validates the server cert in exactly the same way.
We're probably only at least partially vulnerable because we only support PFS ciphersuites. A variant of the attack still works, but only for specific broken DHE groups.
The text was updated successfully, but these errors were encountered:
We should defend against new triple handshake attacks on TLS. I would suggest just disabling session resumption; this is easier to test than testing if session resumption validates the server cert in exactly the same way.
We're probably only at least partially vulnerable because we only support PFS ciphersuites. A variant of the attack still works, but only for specific broken DHE groups.
The text was updated successfully, but these errors were encountered: