On Tue, Dec 22, 2009 at 11:42:02PM +0100, Christoph Anton Mitterer wrote: > Hi Mike. > > On Tue, 2009-12-22 at 19:37 +0100, Mike Hommey wrote: > > Can you try after setting the NSS_SSL_ENABLE_RENEGOTIATION environment > > variable to 1 ? (with nss 3.12.5-1, obviously). > Yes this "fixes" the problem.
This just confirms the diagnostic, which is that nss 3.12.5 disabled renegotiation because of CVE-2009-3555. Now, we need to decide how to allow client authentication without putting users too much at risk. Mike -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
