[Ach] openssl again

Seth list at sysfu.com
Sat Jan 10 19:40:59 CET 2015


On Fri, 09 Jan 2015 16:11:41 -0800, L. Aaron Kaplan <kaplan at cert.at> wrote:
> https://www.openssl.org/news/secadv_20150108.txt
>
> *sigh*
>
> quote: "ECDHE silently downgrades to ECDH (...) This effectively removes  
> forward secrecy from the ciphersuite."

I run LibreSSL wherever I can instead of OpenSSL. How would I go about  
determining if this attack also effects LibreSSL?



More information about the Ach mailing list