Re: What does SSL/TLS do if it can't verify a MAC?
From: Bodo Moeller (moeller_at_cdc.informatik.tu-darmstadt.de)
Date: 05/19/03
- Next message: Dave Thornburgh: "Re: What does SSL/TLS do if it can't verify a MAC?"
- Previous message: Bodo Moeller: "Re: What does SSL/TLS do if it can't verify a MAC?"
- In reply to: Panu Hämäläinen: "Re: What does SSL/TLS do if it can't verify a MAC?"
- Next in thread: Panu Hämäläinen: "Re: What does SSL/TLS do if it can't verify a MAC?"
- Reply: Panu Hämäläinen: "Re: What does SSL/TLS do if it can't verify a MAC?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 19 May 2003 15:13:28 +0000 (UTC)
Panu Hämäläinen <panu.hamalainen@NOSPAM.tut.fi.invalid>:
> I guess the packets with failing MACs are dropped. Otherwise a third party
> could quite easily implement a denial of service attack for a specific IP
> address.
SSL/TLS is not packet-level protocols, it usually runs on top of TCP.
So a third party can easily implement a denial-of-service attack
anyway by sending a TCP FIN or RST.
-- Bodo Möller <moeller@cdc.informatik.tu-darmstadt.de> PGP http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller/0x36d2c658.html * TU Darmstadt, Theoretische Informatik, Alexanderstr. 10, D-64283 Darmstadt * Tel. +49-6151-16-6628, Fax +49-6151-16-6036
- Next message: Dave Thornburgh: "Re: What does SSL/TLS do if it can't verify a MAC?"
- Previous message: Bodo Moeller: "Re: What does SSL/TLS do if it can't verify a MAC?"
- In reply to: Panu Hämäläinen: "Re: What does SSL/TLS do if it can't verify a MAC?"
- Next in thread: Panu Hämäläinen: "Re: What does SSL/TLS do if it can't verify a MAC?"
- Reply: Panu Hämäläinen: "Re: What does SSL/TLS do if it can't verify a MAC?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Loading
