> - (C)yassl doesn't support - by design - renegotiation. They also don't > implement RFC4756 (secure renegotiation), see [3]. While this is not > a security problem (from a server point of view), it will become an > interoperability problem sooner or later, once browser vendors "make > the switch", and threat non-RFC4756 capable servers as broken [4], > [5], [6]. I wonder how this is going to be fixed, if at all.
typo: I obviously meant RFC5746, not RFC4756.