[riot-notifications] [RIOT-OS/RIOT] pkg/tinydtls: handling of close_notify (#16422)

János Brodbeck notifications at github.com
Tue Jul 6 19:01:16 CEST 2021

> There is just nothing as a TCP FIN for UDP. So, any references, what that attack means for UDP?

That's actually a good question, what this means for UPD. I've taken the truncation part directly out of the TLS RFC. Since we should(!) not have real application sessions over UDP, I can imagine that we do not have this problem here. But I also do not want to exclude that it does not open a similar problem. I'm honestly also too little in the picture, what it takes for truncation attacks all to effectively exploit.

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riot-os.org/pipermail/notifications/attachments/20210706/974c8ca2/attachment.htm>

More information about the notifications mailing list