TLS / SSLv3 vulnerability explained (DRAFT)
Dear List,
This paper explains the vulnerability for a broader audience and
summarizes the information that is currently available. The document
is prone to updates and is believed to be accurate by the time of
writing.
Post:
http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html
Direct Download
http://clicky.me/tlsvuln
Disclaimer
Information is believed to be accurate by the time of writing.
As this vulnerability has complex implications this document
is prone to revisions in the future.
Thierry ZOLLER - G-SEC
http://www.g-sec.lu
Principal Security Consultant