The RFC has a lot of statements about silently dropping packets in case of various anomalies. But the correct action should be to drop the connection. This would uncover faulty implementations and other bugs that may slide due to 'silently drop' behavior. It'll also make malicious activity a bit more difficult and exposed due to the necessity to reestablish connections for any brute force attempts.
What is your opinion on this? Cheers, Tolga Ceylan ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
