"Barry Raveendran Greene" <[email protected]> writes: > You will have to wait on the TLS Working Group in the IETF to finish > if your application needs renegotiation.
The correct anser is: You will have to perform a threat assessment to determine how likely a MITM attack is, how serious the consequences would be, whether the product of these two factors is sufficiently low to justify continued operation with a flawed protocol, and, should you decide to go on, what measures can be put in place to mitigate the consequences of an attack. DES -- Dag-Erling Smørgrav - [email protected] _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "[email protected]"
