TLS Renegotiation problem

Steve Dispensa dispensa at phonefactor.com
Tue Nov 10 20:27:00 CET 2009


On 11/10/09 12:13 PM, "Florian Weimer" <fw at deneb.enyo.de> wrote:

> * Simon Josefsson:
> 
>> So, in summary, given (my) current knowledge there is no need to either
>> patch GnuTLS or any server application using GnuTLS.
> 
> But GNUTLS would have to implement the extension to secure connections
> to servers which support renegotiation.

(...which support safe renegotiation using the extension - no such thing as
safe renegotiation absent both client and server supporting the extension.)

 -Steve






More information about the Gnutls-devel mailing list