mbedTLS/PolarSSL -- SLOTH attack on TLS 1.2 server authentication
ARM Limited reports:
MD5 handshake signatures in TLS 1.2 are vulnerable to the SLOTH attack
on TLS 1.2 server authentication. They have been disabled by default.
Other attacks from the SLOTH paper do not apply to any version of mbed
TLS or PolarSSL.
Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright