Hello,
Is there a way in Gnutls to disable renogotiation on TLS and a way to disable
client initiated secure renegotiation?
This is useful to harden the server. For example Exim4+Gnutls on Debian 10.
There does not seem to be a need to support renegotiation or resumption on a
mail server, because STARTTLS sessions are set up in each SMTP session.
Disabling renegotiation reduces the attack surface.
Thanks
John
_______________________________________________
Gnutls-help mailing list
Gnutls-help@lists.gnutls.org
http://lists.gnupg.org/mailman/listinfo/gnutls-help
