1. 4
    1. 1

      If this is similar in severity to Poodle, does that mean all CBC ciphers are doomed?

      This will be a major problem for many users, since (AFAIK) this will disable usage of TLS below 1.2. It would be nice if someone could clarify :)

      1. 3

        These are implementation flaws, but they’re caused by a spec that’s hard to get right.

        You can implement CBC mode in a secure way. It’s complicated. The underlying vuln is known since 13 years and people still don’t implement it correctly.