Scott:
Can you confirm that the TLS 1.1 specification addresses these concerns? (See draft-ietf-tls-rfc2246-bis-*,txt)
Well, the first concern is discussed in the implementation note in 6.2.3.2. If the implementation actually pays attention to it (and obeys the MUST found there), the implementation should be immune to it.
The second concern exploits the implicit predictable IV in TLS 1.0. The explicit IV in TLS 1.1 (and the recommended procedures for generating the IV listed in section 6.2.3.1) would eliminate it as a concern.
That is what I thought. Thanks for confirming.
Russ
_______________________________________________ Cfrg mailing list Cfrg at ietf.org https://www1.ietf.org/mailman/listinfo/cfrg