subject:"RE\: Disable TLS renegotiation"

Re: Disable TLS renegotiation

2014-05-16 Thread Patrick Hemmer

*From: *Lukas Tribus *Sent: * 2014-05-16 13:23:43 E *To: *Patrick Hemmer , haproxy@formilux.org *Subject: *RE: Disable TLS renegotiation > Hi Patrick, > > >> While going through the Qualys SSL test >> (https://www.ssllabs.com/ssltest), one of the items it mentions is a

RE: Disable TLS renegotiation

2014-05-16 Thread Lukas Tribus

Hi Patrick, > While going through the Qualys SSL test > (https://www.ssllabs.com/ssltest), one of the items it mentions is a > DoS vulnerability in regards to client-side initiated SSL renegotiation > (https://community.qualys.com/blogs/securitylabs/2011/10/31/tls-renegotiation-and-denial-o