Deutsch | English

[Ach] [saag] POODLE in detail (was Re: NTP security, and thoughts on Hawaii)

Aaron Zauner azet at
Tue Nov 4 18:54:10 CET 2014

* Aaron Zauner <azet at> [141104 18:46]:
>   .) The cipherstring needs to work with the 0.9.8 as well as 1.0.1
>      trees of OpenSSL. Both parse Cipherstrings very differently,
>      getting a result that will work on both took me a whole weekend
>      - and, agreed, it looks terrible. But it works.

Actually writing the supporting testing script took me a weekend
(and fighting through the OpenSSL sourcecode jungle with a machete),
not the cipherstring itself. It's actually not easy to understand
how OpenSSL works if you're not familiar with their codebase. Their
API is also difficult to use, which is why I sometimes come across
FOSS projects that wrongly implement SSL/TLS.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: Digital signature
URL: <>

More information about the Ach mailing list
Tel.: +43 1 5056416 78
mehr ...
mehr ...
mehr ...
Jahresbericht 2017
Ein Resumee zur digitalen Sicherheitslage in Österreich

Letzte Änderung: 2018/5/28 - 15:00:00
Haftungsausschluss / Datenschutzerklärung