On Tue, Nov 10, 2009 at 12:29:04PM +0100, Simon Josefsson wrote: > If the servers are linked with OpenSSL I don't know if they are > vulnerable or not, it would depend on whether OpenSSL perform > renegotiation without application interaction.
OpenSSL and NSS both do renegotiation transparently for application. > I think we now have some evidence to suggest GnuTLS needn't do anything > about this. It seems any use of rehandshake with GnuTLS is > application-specific and then the answer is probably to fix that > application instead of GnuTLS. Is that meant as meant as "no change needed" or "no urgent temporary hotfix needed"? Is the implementation of the proposed extension still the long-term plan, so that apps needing rehandshakes can do them safely? Thanks! th. _______________________________________________ Help-gnutls mailing list [email protected] http://lists.gnu.org/mailman/listinfo/help-gnutls
