> Thanks for your advice. Looks a pretty daunting challenge to be honest!
> I don't really have a threat model of any use.. it's kind of me verus the
> whole internet.
One of the well-known content delivery companies was going to have
an IETF I-D that would force some client pre-computation, to avoid
SSL DoS. I don't know if it expired, or never happened.
/r$
--
Rich Salz Chief Security Architect
DataPower Technology http://www.datapower.com
XS40 XML Security Gateway http://www.datapower.com/products/xs40.html
XML Security Overview http://www.datapower.com/xmldev/xmlsecurity.html
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
