It would have been helpful if the sec announcement had contained a specific list of cipher suites affected, even without the additional list of specific architectures vulnerable. Its hard to communicate clearly ATM to people which suites are or are not affected, so they can know if they are affected. Sam