Ion Larranaga Azcue <ila...@s21sec.com> writes: >And for the malicious user that, knowing the server is currently in debug >mode and returning extended errors, can more easily perform attacks on it...
If there's someone on the Internet who can scan every TLS server on the planet once a minute to see a brief debug window open up, and then perform something like a million-message-attack using a single debug message, then they're kinda wasting their abilities in attacking TLS servers... Peter. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
