[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Photuris Cookies

To: ipsec@ans.net, rhousley@spyrus.com
Subject: Re: Photuris Cookies
From: Phil Karn <karn@qualcomm.com>
Date: Wed, 25 Jan 1995 17:36:05 -0800
Cc: sils@arc.nasa.gov

Russ,

Your timing is beautiful. :-) See the current discussion on
comp.security.* of the TCP sequence-number attack that occurred
recently at SDSC. There's a CERT advisory out on it now that
references some papers by Bellovin and Morris that go into the gory
details.

They should explain why you need cookies and a non-TCP protocol.

Phil

Prev by Date: Re[2]: AH-MD5
Next by Date: Re: keyed-MD5 placement of secret
Prev by thread: Re: Photuris Cookies
Next by thread: I-D ACTION:draft-metzger-ah-md5-01.txt
Index(es):
- Main
- Thread