You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In this email (and this draft) Karthik et. al. outline issues with renegotiation that can be exploited to create multiple sessions with the same master secret.
For a new protocol version, it seems like the best solution is to change the master secret calculation to include more of the handshake as input. This can probably be addressed along with #5.
The text was updated successfully, but these errors were encountered:
In this email (and this draft) Karthik et. al. outline issues with renegotiation that can be exploited to create multiple sessions with the same master secret.
For a new protocol version, it seems like the best solution is to change the master secret calculation to include more of the handshake as input. This can probably be addressed along with #5.
The text was updated successfully, but these errors were encountered: