[OWASP_PHPSEC] HTTPS Security
abiusx at owasp.org
Fri Aug 2 12:51:16 UTC 2013
a new attack has been proposed in BlackHat, regarding HTTPS, which uses oracles:
This further proves my point that HTTPS connections have to be concatenated with random garbage, to prevent many types of attacks.
We need a core library that does this with HTTPS, via a shutdown function.
Notice: This message is digitally signed, its source and integrity are verifiable.
If you mail client does not support S/MIME verification, it will display a file (smime.p7s), which includes the X.509 certificate and the signature body. Read more at Certified E-Mail with Comodo and Thunderbird in AbiusX.com
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP_PHP_Security_Project