在 2011-09-20二的 11:09 +0200,Alvaro Lopez Ortega写道: > Folks, > > > You ought to be aware of this if you site relays on TLS 1.0: > > > "... The vulnerability resides in versions 1.0 and earlier of TLS, or > transport layer security, the successor to the secure sockets layer > technology that serves as the internet's foundation of trust. Although > versions 1.1 and 1.2 of TLS aren't susceptible, they remain almost > entirely unsupported in browsers and websites alike." > > > "... requires about two seconds to decrypt each byte of an encrypted > cookie. That means authentication cookies of 1,000 to 2,000 characters > long will still take a minimum of a half hour for their PayPal attack > to work. Nonetheless, the technique poses a threat to millions of > websites that use earlier versions of TLS" > > > http://www.theregister.co.uk/2011/09/19/beast_exploits_paypal_ssl/ > > > > -- > Greetings, alo. > http://www.alobbs.com/ > _______________________________________________ > Cherokee mailing list > [email protected] > http://lists.octality.com/listinfo/cherokee
wow,your new email address is so COOL~ how did you get it? are you a member of GNU project? Alvaro Lopez Ortega.(sorry for OT) -- Best regards, Sharl.Jimh.Tsin (From China **Obviously Taiwan INCLUDED**) Using Gmail? Please read this important notice: http://www.fsf.org/campaigns/jstrap/gmail?10073.
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Cherokee mailing list [email protected] http://lists.octality.com/listinfo/cherokee
