[jira] [Updated] (DIRMINA-939) Disable SSL Renegotiation to prevent Denial of Service

Jonathan Valliere (JIRA) Fri, 24 May 2019 06:59:15 -0700


     [ 
https://issues.apache.org/jira/browse/DIRMINA-939?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Jonathan Valliere updated DIRMINA-939:
--------------------------------------
    Summary: Disable SSL Renegotiation to prevent Denial of Service  (was: SSL 
Renegotiation DOS)

> Disable SSL Renegotiation to prevent Denial of Service
> ------------------------------------------------------
>
>                 Key: DIRMINA-939
>                 URL: https://issues.apache.org/jira/browse/DIRMINA-939
>             Project: MINA
>          Issue Type: Bug
>          Components: Core
>            Reporter: Yannick Lecaillez
>            Assignee: Jonathan Valliere
>            Priority: Major
>             Fix For: 2.0.14
>
>         Attachments: mina-core.patch
>
>
> More information:
> http://www.ietf.org/mail-archive/web/tls/current/msg07553.html
> SSLFilter is subject to this issue since it allows client renegotiation.
> Test: http://blog.ivanristic.com/2009/12/testing-for-ssl-renegotiation.html



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Updated] (DIRMINA-939) Disable SSL Renegotiation to prevent Denial of Service

Reply via email to