Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Adding note on handling online guessing attacks #456

Merged
merged 1 commit into from
May 29, 2024

Conversation

kevinlewi
Copy link
Collaborator

Adding some text to the Implementation Considerations section, by creating a subsection called "Handling Online Guessing Attacks", and highlighting the fact that servers should treat incomplete AKE interactions (after client receives KE2) as authentication failures by default.

@kevinlewi kevinlewi requested review from chris-wood and bytemare May 28, 2024 00:44
@kevinlewi kevinlewi merged commit b93489f into cfrg:master May 29, 2024
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants