They should be regarded as expensive today, because key exchange is one of disti... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		chalst on April 11, 2014 \| parent \| context \| favorite \| on: OpenBSD disables Heartbeat in libssl, questions IE... They should be regarded as expensive today, because key exchange is one of distinct parts of the attack surface of an SSL implementation. The less often this exchange is visible to eavesdroppers, the better.

tptacek on April 11, 2014 | [–]

Repeated TLS reconnections do not necessarily invoke the entire key exchange.

tinco on April 11, 2014 | [–]

.. I don't think that's a very realistic concern, is it?

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact