crypto/tls: document lack of Lucky13 hardening

author Brad Fitzpatrick <bradfitz@golang.org>

Tue, 8 Dec 2015 16:49:17 +0000 (16:49 +0000)

committer Brad Fitzpatrick <bradfitz@golang.org>

Mon, 14 Dec 2015 18:51:31 +0000 (18:51 +0000)
author Brad Fitzpatrick <bradfitz@golang.org>
Tue, 8 Dec 2015 16:49:17 +0000 (16:49 +0000)
committer Brad Fitzpatrick <bradfitz@golang.org>
Mon, 14 Dec 2015 18:51:31 +0000 (18:51 +0000)
diff --git a/src/crypto/tls/tls.go b/src/crypto/tls/tls.go

index 2554af6c229c6a801456d5234d63e4a07d49c62a..c1d1331bde2e0a3d047bef77c1c07303bc81a29d 100644 (file)
--- a/src/crypto/tls/tls.go
+++ b/src/crypto/tls/tls.go
@@ -5,6 +5,11 @@
  // Package tls partially implements TLS 1.2, as specified in RFC 5246.
  package tls
  
+// BUG(agl): The crypto/tls package does not implement countermeasures
+// against Lucky13 attacks on CBC-mode encryption. See
+// http://www.isg.rhul.ac.uk/tls/TLStiming.pdf and
+// https://www.imperialviolet.org/2013/02/04/luckythirteen.html.
+
  import (
         "crypto"
         "crypto/ecdsa"
author	Brad Fitzpatrick <bradfitz@golang.org>
	Tue, 8 Dec 2015 16:49:17 +0000 (16:49 +0000)
committer	Brad Fitzpatrick <bradfitz@golang.org>
	Mon, 14 Dec 2015 18:51:31 +0000 (18:51 +0000)