On Apr 3, 9:45 am, Jean-Marc Desperrier <jmd...@free.fr> wrote: > It's the sites that need to catch on those updates. > And web developers can have power to influence those sites to update.
FWIW, I am a DreamHost customer and I just submitted a support ticket with them to close the vulnerability for customer sites (initially by refusing client-initiated renegotiation, eventually by implementing safe renegotiation). -- Matt -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto