Re: [TLS] Interaction between cookies and middlebox compat mode

2017-12-30 Thread Ilari Liusvaara
On Thu, Dec 28, 2017 at 04:12:52PM +, Matt Caswell wrote:
>
>
> The point is a stateless server will not know about CH1 at the point
> that it receives CCS. Actually, as Ilari points out, there could be any
> junk (including partial records) arriving between CH1 and CH2. So this
> feels more

Re: [TLS] TLS 1.3 : small fragments attack

2017-12-30 Thread Yoav Nir
> On 30 Dec 2017, at 7:03, Peter Gutmann wrote:
>
> Jitendra Lulla writes:
>
>> The client can have a rogue TLS implementation with the following intentional
>> changes:
>>
>> 0. Choose CBC with AES256-SHA56 or any other heavier (in terms of processing
>> power requirements) and non parallel