Y
Hacker News
new
|
ask
|
show
|
jobs
by
0xEA
3993 days ago
Your message length is sent in plain text and unauthenticated. Does this present a problem?
1 comments
tptacek
3993 days ago
Probably not, because messages are authenticated cryptographically, and the lengths are validated before being passed to libsodium. You can't truncate an authenticated message.
link