author | Simon Josefsson <simon@josefsson.org> | 2007-02-06 21:31:24 +0000 |
---|---|---|
committer | Simon Josefsson <simon@josefsson.org> | 2007-02-06 21:31:24 +0000 |
commit | 35033bad9d1cce806f4f542a6017c37b1a7f2a3c (patch) | |
tree | 73e15c9929fc035898f964f115a7aad806b87cff /doc/gnutls.texi | |
parent | da64702342b6ed7878d377c262e58dbc2c4833f4 (diff) | |
download | gnutls-35033bad9d1cce806f4f542a6017c37b1a7f2a3c.tar.gz |
Fix.
Diffstat (limited to 'doc/gnutls.texi')
-rw-r--r-- | doc/gnutls.texi | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/doc/gnutls.texi b/doc/gnutls.texi index 7b02d0a4bc..d0b5082394 100644 --- a/doc/gnutls.texi +++ b/doc/gnutls.texi @@ -807,20 +807,20 @@ problems in @acronym{SSL} 2.0 include: @itemize -@item Message integrity compromised +@item Message integrity compromised. The @acronym{SSLv2} message authentication uses the MD5 function, and is insecure. -@item Man-in-the-middle attack +@item Man-in-the-middle attack. There is no protection of the handshake in @acronym{SSLv2}, which permits a man-in-the-middle attack. -@item Truncation attack +@item Truncation attack. @acronym{SSLv2} relies on TCP FIN to close the session, so the attacker can forge a TCP FIN, and the peer cannot tell if it was a legitimate end of data or not. -@item Weak message integrity for export ciphers +@item Weak message integrity for export ciphers. The cryptographic keys in @acronym{SSLv2} are used for both message authentication and encryption, so if weak encryption schemes are negotiated (say 40-bit keys) the message authentication code use the |
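Review bot: the unchanged context under the last edited item, "@item Weak message integrity for export ciphers.", still reads "the message authentication code use the", which should be "uses"; since this commit already touches the wording of all four items, that could be corrected in the same pass. The hunk header context refers to "@acronym{SSL} 2.0" while the item bodies use "@acronym{SSLv2}", so settling on one form would keep the list consistent. The commit message "Fix." does not say that the change adds terminal periods to the @item lines in doc/gnutls.texi; a subject line naming that would make the change easier to find in the history.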