|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Garrett Wollman (wollman
bimajority.org)
Date: Thu Dec 03 2009 - 16:52:58 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
<<On Thu, 3 Dec 2009 09:30:39 GMT, FreeBSD Security Advisories <security-advisoriesfreebsd.org> said:
> NOTE WELL: This update causes OpenSSL to reject any attempt to renegotiate
> SSL / TLS session parameters. As a result, connections in which the other
> party attempts to renegotiate session parameters will break. In practice,
> however, session renegotiation is a rarely-used feature, so disabling this
> functionality is unlikely to cause problems for most systems.
Actually, pretty much anyone who uses client certificates in an
enterprise environment is likely to have a problem with this, which is
why the IETF TLS working group is working on publishing a protocol
fix. It looks like that RFC should be published, at Proposed
Standard, in a few weeks, and most vendors look prepared to release
implementations of the fix immediately thereafter (as soon as the
relevant constants are assigned by IANA).
-GAWollman
_______________________________________________
freebsd-securityfreebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribefreebsd.org"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]