TLS / SSLv3 vulnerability explained (DRAFT)

[Thierry Zoller <Thierry () zoller lu>]

Dear List,

This paper explains the vulnerability for a broader audience and
summarizes the information that is currently available. The document
is prone to updates and is believed to be accurate by the time of
writing.

Post:
http://blog.g-sec.lu/2009/11/tls-sslv3-renegotiation-vulnerability.html

Direct Download
http://clicky.me/tlsvuln

Disclaimer
Information is believed to be accurate by the time of writing.
As this vulnerability has complex implications this document
is prone to revisions in the future.


Thierry ZOLLER - G-SEC
http://www.g-sec.lu
Principal Security Consultant