[Ach] POODLE on TLS < 1.2

Hanno Böck hanno at hboeck.de
Tue Dec 9 13:57:14 CET 2014


On Tue, 9 Dec 2014 13:52:14 +0100
Pepi Zawodsky <pepi.zawodsky at maclemon.at> wrote:

> Ok, so not TLS 1.1 or 1.2 protocol specification in particular but
> “only” implementations that do not follow said specification. As I
> expected. Thanks for confirming.

The wording of TLS 1.2 says the padding MUST be checked. No such note
in TLS 1.0 or 1.1.

So it could be said this affects valid TLS 1.0/1.1 implementations.
BTW, contrary to the subject of this thread it also affects TLS 1.2 for
F5 load balancers, but that's clearly a bug.

-- 
Hanno Böck
http://hboeck.de/

mail/jabber: hanno at hboeck.de
GPG: BBB51E42
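
The padding check this message refers to, as an added C example that is not part of the original post or of any TLS library: in a TLS CBC record every padding byte carries the same value as the final padding_length byte, and the two functions contrast a receiver that ignores those bytes with one that verifies them. The function names, the 4-byte placeholder MAC and the sample records are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Lax receiver: trusts the final padding_length byte and only checks that
 * padding plus MAC fit in the record. The padding bytes are never examined. */
int lax_padding_ok(const uint8_t *rec, size_t len, size_t mac_len)
{
    if (len == 0)
        return 0;
    size_t pad = rec[len - 1];
    return pad + 1 + mac_len <= len;
}

/* Strict receiver: every padding byte must equal padding_length.
 * Differences are accumulated so the loop has no early exit at the first
 * wrong byte; this is not a complete constant-time implementation. */
int strict_padding_ok(const uint8_t *rec, size_t len, size_t mac_len)
{
    if (len == 0)
        return 0;
    size_t pad = rec[len - 1];
    if (pad + 1 + mac_len > len)
        return 0;
    uint8_t diff = 0;
    for (size_t i = 0; i < pad; i++)
        diff |= (uint8_t)(rec[len - 2 - i] ^ (uint8_t)pad);
    return diff == 0;
}

/* Constructed decrypted records (not captured traffic):
 * 4 data bytes, 4-byte placeholder MAC, 7 padding bytes, padding_length = 7 */
const uint8_t good_rec[16] = {'d','a','t','a', 0xAA,0xBB,0xCC,0xDD,
                              7,7,7,7,7,7,7, 7};
const uint8_t bad_rec[16]  = {'d','a','t','a', 0xAA,0xBB,0xCC,0xDD,
                              0x13,0x37,0x00,0x42,0x09,0x01,0xFF, 7};

int main(void)
{
    printf("well-formed padding: lax=%d strict=%d\n",
           lax_padding_ok(good_rec, 16, 4), strict_padding_ok(good_rec, 16, 4));
    printf("arbitrary padding:   lax=%d strict=%d\n",
           lax_padding_ok(bad_rec, 16, 4), strict_padding_ok(bad_rec, 16, 4));
    return 0;
}
```

A record with arbitrary padding bytes passes the lax check and fails the strict one, which is the behavioural difference between the two kinds of implementation discussed in the thread.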