Date: Fri, 05 Apr 2013 10:49:30 +0200 From: Andre Oppermann <andre@freebsd.org> To: Kevin Day <kevin@your.org> Cc: freebsd-net@freebsd.org Subject: Re: Syncookies break with Windows 8 Message-ID: <515E901A.9010304@freebsd.org> In-Reply-To: <3DABEC7E-78B8-49DE-9F76-0B96019E8424@your.org> References: <CA61E725-8370-4ED2-BBA7-F6FAFF93A553@your.org> <510C4424.4030701@networx.ch> <E45CF5BB-39A2-45F0-B0A8-DD01D8299585@your.org> <510C4B17.4040509@freebsd.org> <3DABEC7E-78B8-49DE-9F76-0B96019E8424@your.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 04.04.2013 23:52, Kevin Day wrote: > > On Feb 1, 2013, at 5:09 PM, Andre Oppermann <andre@freebsd.org> wrote: >> >> I'm working on a solution. Have to make sure that the chance to >> crack a reduced cookie during its 30 seconds lifetime isn't too >> high. That means involving our resident crypto experts for >> verification. > > > Hey, Andre! > > I know the security people have been pretty busy, but has there been > any progress on this? We're still running into the occasional complaint > with this issue. Yes, there has been progress on a good fix for the issue. I've also got excellent feedback from a couple of people on the cryptographic properties of the new cookie approach. I shall be able to post a patch for testing in the next days. -- Andre
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?515E901A.9010304>