On Fri 2008-11-21 02:24:02 -0500, Nikos Mavrogiannopoulos wrote: > Hello, this does not seem to be a gnutls error. The server merely asks > for renegotiation, gnutls-cli ignores it (legal behavior) and server > does not like it thus sends a fatal alert.
Do you think this is exposing a bug in mod_ssl, then? If it is legal behavior to ignore a renegotiation, it seems to me that SSLVerifyClient optional should not cause the server to terminate the connection if a rehandshake is rejected. Should we clone this bug, or open a new report against apache or openssl? --dkg
pgpA4vwP8alS9.pgp
Description: PGP signature