On 2016-08-08 20:16:58 [+0000], Viktor Dukhovni wrote: > On Mon, Aug 08, 2016 at 08:57:26PM +0200, Sebastian Andrzej Siewior wrote: > > support for re-negotiation request from the client. From looking around, > > nginx for instance does not support renegotiation from client's side. > > Postfix supports rate limiting new session creation: > > > http://www.postfix.org/postconf.5.html#smtpd_client_new_tls_session_rate_limit > > Other servers can implement similar resource limits as appropriate.
I don't really know what I am supposed to do with this information. Do you want me to add this as an example into the doc patch or do you simply point out that others already took precautions? Sebastian -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
