[56822] in North American Network Operators' Group
Re: OpenSSL
daemon@ATHENA.MIT.EDU (Petri Helenius)
Tue Mar 18 10:10:37 2003
From: "Petri Helenius" <pete@he.iki.fi>
To: <alex@yuriev.com>, <nanog@merit.edu>
Date: Tue, 18 Mar 2003 17:09:58 +0200
Errors-To: owner-nanog-outgoing@merit.edu
>
> While the timing attack is the attack against the SSL server, it is my
> reading of the paper that the attacks' success largely depends on ability to
> tightly control the time it takes to communicate with a service using SSL.
> Currently, such control is rather difficult to achive on links other than
> ethernet.
>
Doesn´t MPLS provide consistent delay and minimal jitter and thus SSL
servers connected to MPLS networks are more suspectible to attack?
:-)
Pete
