https://issues.apache.org/bugzilla/show_bug.cgi?id=47055
--- Comment #43 from Mike <[email protected]> 2009-11-09 08:56:47 UTC --- Ruediger, 1. does the config still vulnerable if user redirects to "/mihailp1/www-secure/s" only after double authentication by soft (password-pin)? 2. why *this* config vulnerable if i disable renegotiation initiated by client? Thank you. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
