----- Original Message -----
From: "Stephen Farrell" <stephen(_dot_)farrell(_at_)cs(_dot_)tcd(_dot_)ie>
To: "Stefan Winter" <stefan(_dot_)winter(_at_)restena(_dot_)lu>;
<ietf(_at_)ietf(_dot_)org>
Sent: Friday, December 06, 2013 11:58 AM
On 12/06/2013 10:15 AM, Stefan Winter wrote:
The TV manufacturer could have used it - they were simply stupid
enough to forget about it.
I think in that case, the person who spotted the issue would
also have considered it odd if ciphertext continued to be
emitted after they had clicked the "don't send" button.
The person who spotted the issue did click "don't send" and the messages
continued to be sent (according to the reports). Which is, after all,
exactly what you would expect to see with good security - don't give the
other parties an opportunity to use traffic analysis to determine what
is going on.
Tom Petch
S.