[cryptography] TLS renegotiation patch rollout progress
iang at iang.org
Thu Sep 5 08:00:35 EDT 2013
On 5/09/13 14:30 PM, Rob Stradling wrote:
> On 05/09/13 11:58, ianG wrote:
>> Does anyone have any measurements of the rollout progress for TLS
>> renegotiation bug?
Thanks, spot on! I updated that old post to capture that as today's info.
>> I'm thinking here of the meta-question of the size of the OODA loop for
>> the SSL sector. That is, the bug was discovered around September 2009.
>> At what point was it reliably patched across the SSL ecosystem? Those
>> two points measure the size of the OODA response loop.
So, if we take 82.6% as a fair sign of most of the net being now
protected (80-20 rule?) then the OODA loop measures out as something
like 5 years. Perhaps less if we can measure an 80% coverage before
that (but I don't see historical data on that site).
>> ps: http://financialcryptography.com/mt/archives/001210.html
More information about the cryptography