On 18/10/2013 13:46, Konstantin Kolinko wrote: > 2013/10/18 Mark Thomas <ma...@apache.org>: >> On 17/10/2013 00:44, Konstantin Preißer wrote: >> >> <snip/> >> >> >> There is a long series of these results: >> Read result [1] >> Read result [48] >> Read result [-120002] >> >> which looks fairly normal (I need to look into why we see a single byte >> and then 48 bytes rather than 49 bytes). >> > > A 1/(n-1) split is usually a counter-measure against BEAST attack on > TLS 1.0 (CVE-2011-3389) > > (I have not looked whether it is what actually happens here, but just > noting to save you some time, as the scheme sounds familiar).
Thanks. That makes sense. Mark > > http://www.mail-archive.com/openssl-dev@openssl.org/msg29810.html > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389 > http://www.educatedguesswork.org/2011/11/rizzoduong_beast_countermeasur.html > > Best regards, > Konstantin Kolinko > > --------------------------------------------------------------------- > To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org > For additional commands, e-mail: dev-h...@tomcat.apache.org > --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org