> What attack do you have in mind via spreading a cookie good for just one > source IP address? Sure the botnet can source TFO from that same IP > address that got the original cookie. Why is that useful?
It's an amplification attack. I don't care about ever getting any reply back. As I first said, it makes UDP-style attacks possible in the TCP domain, and you don't know where the attack is coming from. _______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev