Y
Hacker News
new
|
ask
|
show
|
jobs
by
NoInputSignal
2251 days ago
I think this points out that the semantics of trusting the header (which is still a part of the message) at all is flawed and leads to implementations getting it wrong and leaving gaps for attackers to exploit.