We should implement a countermeasure against the predictable-IV CBC

weakness in SSL/TLS
2002-02-13 10:21:25 +00:00 · 2002-02-13 10:21:25 +00:00 · 78d6603aad
commit 78d6603aad
parent 7241ae1a0a
1 changed files with 5 additions and 1 deletions
--- a/6
+++ b/6
@ -1,6 +1,6 @@

  OpenSSL STATUS                           Last modified at
-  ______________                           $Date: 2002/02/09 01:49:53 $
+  ______________                           $Date: 2002/02/13 10:21:25 $

  DEVELOPMENT STATE

@ -49,6 +49,10 @@

  NEEDS PATCH

+    o  An (optional) countermeasure against the predictable-IV CBC
+       weakness in SSL/TLS should be added; see
+       http://www.openssl.org/~bodo/tls-cbc.txt
+
    o  All 'openssl' subprograms taking '-des' and '-des3' options should
       include AES support (0.9.7-dev)