On Fri, Feb 17, 2012 at 23:36, dvbportal <[email protected]> wrote: > Thanks for the new version. I've just updated our proxy to v0.6.11 but > the session renegotiation vulnerability is still > reported. https://www.ssllabs.com/ssldb/analyze.html?d=api.cloudno.de
It probably tries a single renegotiation, the default limit is 3 every 10 minutes. You can find more info here[1]. [1] http://nodejs.org/docs/v0.6.11/api/tls.html#client_initiated_renegotiation_attack_mitigation
