2011/4/16 Chris Hill :
[...]
> SSL handshakes take more processing power in the server side than on the
> client side (some commented in the order of 15x more). This is great news
> for attackers who want to take down a site and the work has already be done
> for them through recent exploits develo
would mod_reqtimeout step in after too many renegotiations had eaten
too much wall time?
On 4/16/2011 2:39 PM, Daniel Ruggeri wrote:
> On 4/16/2011 11:52 AM, Chris Hill wrote:
>> but how can I ensure this will never be turned back on in
>> future releases given the lack of configuration parameters?
>
> Chris;
>I believe this topic (enable/disable renegotiation) was brought up on t
On 4/16/2011 11:52 AM, Chris Hill wrote:
Dear Apache httpd dev list,
...
The reason why I insist in this is that the world has come to depend on
HTTP/SOAP over SSL (and Apache/OpenSSL are probably the most popular
implementation) for business critical apps, yet, it is not clear how
these business
On 4/15/11 6:11 PM, "Reindl Harald" wrote:
>
> Am 15.04.2011 23:01, schrieb Jeff Trawick:
>
>> FastCGI is a way to get us out of all sorts of dark alleys; let's be
>> sure to keep it in mind as one of the tools to address binary
>> compatibility issues, PHP-centered or not
>
> but you can not
Dear Apache httpd dev list,
There have been previous posts on this topic (I've initiated some in both
OpenSSL and Apache mailing lists), but I'd like to now just narrow the topic
down to what seems to be the most relevant points for which there are not
yet answers. We need you (the smart folks ;)