NTS off the ground - time for testing
Hal Murray
hmurray at megapathdsl.net
Wed Feb 20 22:00:28 UTC 2019
dfoxfranke at gmail.com said:
>> The K and I used to encrypt cookies is a hack constant so old
>> cookies work over server reboots.
> I assume this is temporary while you work on this code, right? Obviously if K
> is a hardcoded constant you have no security.
Right. Total hack to allow debugging the NTS extensions. They seemed like
the long pole in the tent.
I'll nuke that code as soon as we get the code to save/restore K/I from disk
working.
[Fall back to non-NTS mode when run out of cookies]
> Don't do that. Not even temporarily, not even as an option, not even
> "opportunistically". If an adversary can force a client out of NTS mode by
> dropping a few NTS packets, then NTS has no value.
Again. It's a hack to allow debugging without breaking things.
--
These are my opinions. I hate spam.
More information about the devel
mailing list