Add URL with more info to timing security issues

author: Sybren A. Stüvel <sybren@stuvel.eu> 2020-10-26 15:36:20 +0100
committer: Sybren A. Stüvel <sybren@stuvel.eu> 2020-10-26 15:36:20 +0100
commit: 6f59ff07a317409fe68696935daf8549b1555c74 (patch)
tree: 93ee6cc22c33fc337ef90adf8827f6ed1eb9b272
parent: da6fc2cb6a663d1e1d3e59ee99a4653f8b6272aa (diff)
download: rsa-git-6f59ff07a317409fe68696935daf8549b1555c74.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/README.md b/README.md
index 875c7f6..2684060 100644
--- a/README.md
+++ b/README.md
@@ -26,7 +26,7 @@ licensed under the [Apache License, version 2.0](https://www.apache.org/licenses
 Security
 --------
 
-Because of how Python internally stores numbers, it is very hard (if not impossible) to make a pure-Python program secure against timing attacks. This library is no exception, so use it with care.
+Because of how Python internally stores numbers, it is very hard (if not impossible) to make a pure-Python program secure against timing attacks. This library is no exception, so use it with care. See https://securitypitfalls.wordpress.com/2018/08/03/constant-time-compare-in-python/ for more info.
 
 
 Major changes in 4.1
author	Sybren A. Stüvel <sybren@stuvel.eu>	2020-10-26 15:36:20 +0100
committer	Sybren A. Stüvel <sybren@stuvel.eu>	2020-10-26 15:36:20 +0100
commit	6f59ff07a317409fe68696935daf8549b1555c74 (patch)
tree	93ee6cc22c33fc337ef90adf8827f6ed1eb9b272
parent	da6fc2cb6a663d1e1d3e59ee99a4653f8b6272aa (diff)
download	rsa-git-6f59ff07a317409fe68696935daf8549b1555c74.tar.gz