[Ach] POODLE on TLS < 1.2
Aaron Zauner
azet at azet.org
Tue Dec 9 00:45:29 CET 2014
Pepi Zawodsky wrote:
> Hoi!
>
> On 09 Dec 2014, at 00:20, Aaron Zauner <azet at azet.org> wrote:
>> apply POODLE to TLS < 1.2.
> Would that really be applicable to TLS 1.1 since checking the padding is required for 1.1. Just curious for my own understanding, not trying to argue into TLS 1.1 which nobody really uses anyway.
>
This only affects implementation that disregard proper padding checks in
their TLS stack. Adam Langley found this in F5 load balancers and other
products: https://www.imperialviolet.org/2014/12/08/poodleagain.html
Aaron
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.cert.at/pipermail/ach/attachments/20141209/0cbeec08/attachment.sig>
More information about the Ach
mailing list