Are there plans for OpenSSL to adopt the 1/n-1 record splitting technique
(credit Xuelei Fan) that the browsers appear to be using to mitigate the BEAST
attack?
I realize that OpenSSL currently contains a different mitigation technique
(sending empty fragments). Evidently there are broken SSL implementations
still in use that don't get along with this technique.
Thanks.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majord...@openssl.org