[talk] BEAST ssl attacks still relevant?
okan at demirmen.com
Fri May 22 12:24:28 EDT 2015
On Fri 2015.05.22 at 16:10 +0000, Isaac (.ike) Levy wrote:
> Hey All,
> What do folks think about BEAST these days?
Marking it as a critical violation of policy; which kicks off a series
of processes to remediate or kick off the network with a very short TTL.
> Stuff like this makes me wonder how relevant it really is, (and reminds me
> how the heck it even works eh...),
> How seriously are folks still taking server-side BEAST mitigations (and
> cipher massaging), seeing as it was really a client-side implementation
> issue? I'd love to hear any/all opinions.
> talk mailing list
> talk at lists.nycbug.org
More information about the talk