Hi Nico,
On 8/18/14, 5:35 PM, Nico Williams wrote:
- Follow RFCs as strict as possible to defeat fingerprinting attacks
Agreed, but again: too generic.
- If a connection is one-sided authenticated (eg like TLS) ensure your
protocol is okay with a role-reversal (eg if it needs to authenticate
the end that was anonymous)
Ditto.
Are you saying you want an example of one-sided authentication where
role-reversal #FAILs?
Eliot
signature.asc
Description: OpenPGP digital signature