Archive for October 10th, 2010

SSL renegotiation


Here is a link to an interesting article from Ivan Ristic about SSL renegotiation, the issue discovered almost a year ago that could lead to MITM attacks: http://blog.ivanristic.com/2010/10/disabling-ssl-renegotiation-is-a-crutch-not-a-fix.html. The point is that disabling renegotiation altogether in the web servers (those that do not need it) give no indication of their security status to the different […]

Comments Off on SSL renegotiation