On 2010-07-15 2:45 PM, Nate Lawson wrote:
> Starting the compare at a random point is much more difficult and
> error-prone than implementing a constant-time compare function. Please
> see Taylor's original note, which included such a constant-time function.

The starting point of the compare only has to be unpredictable to the attacker, rather than true random, so not so difficult.
_______________________________________________
security mailing list
[email protected]
http://lists.openid.net/mailman/listinfo/openid-security
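
The three comparison strategies discussed in this thread, as an added example (not code from the thread or from Taylor's note): it counts bytes examined as a deterministic stand-in for timing, so the work each strategy does per mismatch position is visible. The function names, the sample value and the fixed start index 3 are assumptions made for illustration.

```python
import hmac

# Constructed 8-byte value standing in for the expected signature/MAC.
SAMPLE_MAC = bytes([0x3A, 0x91, 0x07, 0xC4, 0x5E, 0xF0, 0x28, 0xB6])

def early_exit_compare(a, b):
    """Naive compare; returns (equal, bytes_examined). Stops at first mismatch."""
    if len(a) != len(b):
        return False, 0
    for i in range(len(a)):
        if a[i] != b[i]:
            return False, i + 1
    return True, len(a)

def offset_start_compare(a, b, start):
    """Early-exit compare begun at index `start`, wrapping around the buffer."""
    if len(a) != len(b):
        return False, 0
    n = len(a)
    for k in range(n):
        i = (start + k) % n
        if a[i] != b[i]:
            return False, k + 1
    return True, n

def constant_time_compare(a, b):
    """XOR-accumulate every byte; the loop has no data-dependent exit."""
    if len(a) != len(b):
        return False, 0
    diff = 0
    for x, y in zip(a, b):
        diff |= x ^ y
    return diff == 0, len(a)

def work_profile(compare, expected):
    """Bytes examined when exactly byte i of the candidate is wrong, for each i."""
    profile = []
    for i in range(len(expected)):
        candidate = bytearray(expected)
        candidate[i] ^= 0xFF
        profile.append(compare(expected, bytes(candidate))[1])
    return profile

if __name__ == "__main__":
    print(work_profile(early_exit_compare, SAMPLE_MAC))
    print(work_profile(lambda a, b: offset_start_compare(a, b, 3), SAMPLE_MAC))
    print(work_profile(constant_time_compare, SAMPLE_MAC))
    # In production Python, use the standard library's hmac.compare_digest.
    print(hmac.compare_digest(SAMPLE_MAC, SAMPLE_MAC))
```

The offset-start variant still does a variable amount of work; what changes is that the mapping from work to byte position depends on the start index, while the XOR-accumulate version does the same work for every input of a given length.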