[56826] in North American Network Operators' Group
RE: OpenSSL
daemon@ATHENA.MIT.EDU (alex@yuriev.com)
Tue Mar 18 11:56:50 2003
Date: Tue, 18 Mar 2003 11:57:05 -0500 (EST)
From: alex@yuriev.com
To: nanog@merit.edu
In-Reply-To: <B55BD6063157D411AA930008C707C7B103358B58@BR-YK-XCHG-1>
Errors-To: owner-nanog-outgoing@merit.edu
> MPLS (on its own) gives you jack-squat in terms of delay and jitter. All the
> clever queuing can do it for you - but then it can for IP (because its the
> same thing!).
As Eric stated in his previous message, I have not realized that his point
was that even one machine that has an ethernet connection directly to the
SSL-enabled service, the SSL timing attack is possible. Of course, such
setup is the most common way of connecting systems with SSL-enabled services
to the internet.
Alex
