crypto/tls: document lack of Lucky13 hardening

Updates #13385 Change-Id: I9c2edf8c02adc388c48760b29e63dfa2966262d6 Reviewed-on: https://go-review.googlesource.com/17532Reviewed-by: Tim Cooijmans <timcooijmans@gmail.com> Reviewed-by: Adam Langley <agl@golang.org>

crypto/tls: document lack of Lucky13 hardening
Updates #13385 Change-Id: I9c2edf8c02adc388c48760b29e63dfa2966262d6 Reviewed-on: https://go-review.googlesource.com/17532Reviewed-by: Tim Cooijmans <timcooijmans@gmail.com> Reviewed-by: Adam Langley <agl@golang.org>
91abab04 · Brad Fitzpatrick · 0954c801 · 91abab04
Commit 91abab04 authored Dec 08, 2015 by Brad Fitzpatrick
Hide whitespace changes
Inline Side-by-side

Showing with 5 additions and 0 deletions

src/crypto/tls/tls.go src/crypto/tls/tls.go +5 -0

No files found.
--- a/src/crypto/tls/tls.go
+++ b/src/crypto/tls/tls.go
@@ -5,6 +5,11 @@
 // Package tls partially implements TLS 1.2, as specified in RFC 5246.
 package tls

+// BUG(agl): The crypto/tls package does not implement countermeasures
+// against Lucky13 attacks on CBC-mode encryption. See
+// http://www.isg.rhul.ac.uk/tls/TLStiming.pdf and
+// https://www.imperialviolet.org/2013/02/04/luckythirteen.html.
+
 import (
 	"crypto"
 	"crypto/ecdsa"