RE: OpenSSL

["Matt Ryan" <Matt.Ryan () telewest co uk>]

MPLS (on its own) gives you jack-squat in terms of delay and jitter. All the
clever queuing can do it for you - but then it can for IP (because its the
same thing!).


Matt.

-----Original Message-----
From: Petri Helenius [mailto:pete () he iki fi]
Sent: 18 March 2003 15:10
To: alex () yuriev com; nanog () merit edu
Subject: Re: OpenSSL



> While the timing attack is the attack against the SSL server, it is my
> reading of the paper that the attacks' success largely depends on ability
to
> tightly control the time it takes to communicate with a service using SSL.
> Currently, such control is rather difficult to achive on links other than
> ethernet.
Doesn´t MPLS provide consistent delay and minimal jitter and thus SSL
servers connected to MPLS networks are more suspectible to attack?










:-)

Pete


------------------------------------------------------------------------------
Live Life in Broadband
www.telewest.co.uk


The information transmitted is intended only for the person or entity to which it is addressed and may contain 
confidential and/or privileged material.
Statements and opinions expressed in this e-mail may not represent those of the company. Any review, retransmission, 
dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other 
than the intended recipient is prohibited. If you received this in error, please contact the sender immediately and 
delete the material from any computer.


==============================================================================