If I disable everything except TLS 1.2 in nginx, how much breakage should I expect? Has anyone tried?<p>The latest stable Fx and Chrome, including mobile, will still work, right? What about various web services like rss readers or the google bot?
Really great explanation, as I asked there I don't see how it can be used if we don't know how long the padding is.<p>One idea would be to try to change the ciphertext so it would produce a entire padding block (and then it would be easy to test if it is indeed an entire block of padding just be tampering it without modifying the last byte and it would still be accepted).<p>I guess someone here could answer my question?