crypto/tls: update CBC Lucky13 warning a bit
Some countermeasures were implemented in https://golang.org/cl/18130 Updates #13385 Change-Id: I723e1e3be0fa6d13767b65b145d90c89e92b2774 Reviewed-on: https://go-review.googlesource.com/33665 Reviewed-by: Adam Langley <agl@golang.org>
This commit is contained in:
parent
1b8b6efd10
commit
c2df6cccbd
2
tls.go
2
tls.go
@ -5,7 +5,7 @@
|
|||||||
// Package tls partially implements TLS 1.2, as specified in RFC 5246.
|
// Package tls partially implements TLS 1.2, as specified in RFC 5246.
|
||||||
package tls
|
package tls
|
||||||
|
|
||||||
// BUG(agl): The crypto/tls package does not implement countermeasures
|
// BUG(agl): The crypto/tls package only implements some countermeasures
|
||||||
// against Lucky13 attacks on CBC-mode encryption. See
|
// against Lucky13 attacks on CBC-mode encryption. See
|
||||||
// http://www.isg.rhul.ac.uk/tls/TLStiming.pdf and
|
// http://www.isg.rhul.ac.uk/tls/TLStiming.pdf and
|
||||||
// https://www.imperialviolet.org/2013/02/04/luckythirteen.html.
|
// https://www.imperialviolet.org/2013/02/04/luckythirteen.html.
|
||||||
|
Loading…
Reference in New Issue
Block a user