[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: TLS Renegotiation problem

From: Tomas Hoger
Subject: Re: TLS Renegotiation problem
Date: Tue, 10 Nov 2009 14:22:16 +0100

On Tue, Nov 10, 2009 at 12:29:04PM +0100, Simon Josefsson wrote:
> If the servers are linked with OpenSSL I don't know if they are
> vulnerable or not, it would depend on whether OpenSSL perform
> renegotiation without application interaction.

OpenSSL and NSS both do renegotiation transparently for application.

> I think we now have some evidence to suggest GnuTLS needn't do anything
> about this.  It seems any use of rehandshake with GnuTLS is
> application-specific and then the answer is probably to fix that
> application instead of GnuTLS.

Is that meant as meant as "no change needed" or "no urgent temporary hotfix
needed"?  Is the implementation of the proposed extension still the
long-term plan, so that apps needing rehandshakes can do them safely?



reply via email to

[Prev in Thread] Current Thread [Next in Thread]