On Wed, Jan 27, 2010 at 10:41:02PM +0000, Dr Stephen Henson wrote: > FYI the initial documentation is here: > > http://www.openssl.org/docs/ssl/SSL_CTX_set_options.html#SECURE_RENEGOTIATION > > there are currently only two flags to set in an SSL/SSL_CTX structure. Though > servers might want to make use of SSL_get_secure_renegotiation_support() too.
Thanks a lot for doing all that work! I've added an "SSLInsecureRenegotiation" directive which will flip that flag on, here: http://svn.apache.org/viewvc?rev=906039&view=rev It seems to all work as expected with 1.0.0 beta 5. Regards, Joe
