* TLS records are carried over TCP segments. What if an attacker can change
the way records are divided into segments, and thereby trigger a bug in the
record parser?
Why do you think this is possible? The sizse of the record is part of what’s
secured.
_
It seems to me that if this is a valid threat model, then all software is
potentially vulnerable.
TLS records are carried over TCP segments. What if an attacker can change
the way records are divided into segments, and thereby trigger a bug in the
record parser?
On Fri, Apr 20, 2018 at 9:40 AM, V
