Hello All,
We have openssl 0.9.8r on our Linux Server.
A Nessus security scan on our Linux server tells us that we may be
vulnerable to a potential DOS due to SSL/TLS Renegotiation
Vulnerability [CVE-2011-1473].
The suggestions of mitigating these (we believe) are:
1. Disable Re-Negotiation c
> From: owner-openssl-us...@openssl.org On Behalf Of Ashok C
> Sent: Tuesday, 20 December, 2011 04:16
> What will be the recommendation from the open source community for
> supporting the following scenario in a openSSL based client/server
application:
> The certi
Hi,
What will be the recommendation from the open source community for
supporting the following scenario in a openSSL based client/server
application:
*The certificates involved:*
old CA certificate of the CA authority(root)
new CA certificate of the CA authority(root)
Server's end entity certifi