On 10/26/2011 12:56 PM, Joe Gooch wrote: > Did you try compiling with Openssl 0.9.8l?
Is it worth going back to OpenSSL 0.9.8l (from 1.0.x) and therefore ignore all bug & security fixes that went afterwards? I don't think so. I still, however, would like to disable renegotiation but, apparently, this is not trivial with OpenSSL. Regards, Jorge p.d. still surprised that people here are not commenting on this - considering the easy to use exploit is out there :( -- To unsubscribe send an email with subject unsubscribe to [email protected]. Please contact [email protected] for questions.
