[ https://issues.apache.org/jira/browse/DIRMINA-939?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jonathan Valliere resolved DIRMINA-939. --------------------------------------- Resolution: Won't Do You can disable SSL renegotiation using launch properties. https://help.mulesoft.com/s/article/How-to-Disable-Client-Initiated-TLS-renegotiation-in-Java > Disable SSL Renegotiation to prevent Denial of Service > ------------------------------------------------------ > > Key: DIRMINA-939 > URL: https://issues.apache.org/jira/browse/DIRMINA-939 > Project: MINA > Issue Type: Bug > Components: Core > Reporter: Yannick Lecaillez > Assignee: Jonathan Valliere > Priority: Major > Attachments: mina-core.patch > > > More information: > http://www.ietf.org/mail-archive/web/tls/current/msg07553.html > SSLFilter is subject to this issue since it allows client renegotiation. > Test: http://blog.ivanristic.com/2009/12/testing-for-ssl-renegotiation.html -- This message was sent by Atlassian Jira (v8.3.4#803005) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org For additional commands, e-mail: dev-h...@mina.apache.org