[PATCH] slaying the BEAST (TLS 1.0 exploiting)
Srebrenko Šehić
ssehic at gmail.com
Sun Oct 2 17:29:04 UTC 2011
On Sun, Oct 2, 2011 at 4:38 PM, Maxim Dounin <mdounin at mdounin.ru> wrote:
Hi,
> The quote is correct, but as you probably noticed it doesn't say
> anywhere that this workaround should be used on server to prevent
> BEAST. It should be used on sending side, i.e. client in case of
> BEAST.
Yes I did notice. Different sources on the Internet state different
things. However, the general consensus does say that it's client
side only.
> It may make sense, but right now it's at least misleading: people
> may think they are safe from BEAST with this workaround enabled on
> server, while they are not.
You have me convinced. Let's forget about the patch for now.
Thanks for your input, Maxim. Highly appreciated.
Cheers,
Srebrenko