[talk] BEAST ssl attacks still relevant?
Isaac (.ike) Levy
ike at blackskyresearch.net
Fri May 22 12:10:02 EDT 2015
Hey All,
What do folks think about BEAST these days?
Stuff like this makes me wonder how relevant it really is, (and reminds
me how the heck it even works eh...),
https://community.qualys.com/blogs/securitylabs/2013/09/10/is-beast-still-a-threat
--
How seriously are folks still taking server-side BEAST mitigations (and
cipher massaging), seeing as it was really a client-side implementation
issue? I'd love to hear any/all opinions.
Best,
.ike
More information about the talk
mailing list