Syncookies break with Windows 8
Andre Oppermann
andre at freebsd.org
Fri Apr 5 08:49:38 UTC 2013
On 04.04.2013 23:52, Kevin Day wrote:
>
> On Feb 1, 2013, at 5:09 PM, Andre Oppermann <andre at freebsd.org> wrote:
>>
>> I'm working on a solution. Have to make sure that the chance to
>> crack a reduced cookie during its 30 seconds lifetime isn't too
>> high. That means involving our resident crypto experts for
>> verification.
>
>
> Hey, Andre!
>
> I know the security people have been pretty busy, but has there been
> any progress on this? We're still running into the occasional complaint
> with this issue.
Yes, there has been progress on a good fix for the issue. I've also
got excellent feedback from a couple of people on the cryptographic
properties of the new cookie approach. I shall be able to post a
patch for testing in the next days.
--
Andre
More information about the freebsd-net
mailing list