On 3/3/2010 4:41 PM, Joe Orton wrote:
> b) real clients don't initiate reneg, so it's not a practical issue
^ OpenSSLNote that other real clients based on other libraries aren't likely to share the exact same flaw as OpenSSL in accepting the renegotiation failure or terminating the connection if that wasn't an acceptable answer.
