[
https://issues.apache.org/jira/browse/DIRMINA-939?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13612626#comment-13612626
]
Jeff MAURY commented on DIRMINA-939:
------------------------------------
Sorry, but I don't see why the JDK patch fixes the issue.
It prevents a man in the middle to issue a renegotiation as it is now
signed/encrypted but does not prevent a massive bunch of nego to be issued.
> SSL Renegotiation DOS
> ---------------------
>
> Key: DIRMINA-939
> URL: https://issues.apache.org/jira/browse/DIRMINA-939
> Project: MINA
> Issue Type: Bug
> Components: Core
> Reporter: Yannick Lecaillez
> Attachments: mina-core.patch
>
>
> More information:
> http://www.ietf.org/mail-archive/web/tls/current/msg07553.html
> SSLFilter is subject to this issue since it allows client renegotiation.
> Test: http://blog.ivanristic.com/2009/12/testing-for-ssl-renegotiation.html
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
