Can anyone remember why SSLRenegBufferSize is set at 128k (131072 bytes) currently by default ?
And if that is just an accidental default - or if deep thought has gone into it ? And what are the specific things which are likely to break if it is set significantly smaller* ? Thanks, Dw. *: I am still looking at some very rare fringe cases (which back in July I expected to having to do with a hole in stacking) - where part of the (SSL) stack gets unhappy and somehow overloaded and then may allow security bypassing - which I am only seeing a few times a month -and only when there is a high load of users with a long RTT (prolly unrelated).