ietf@ietf.org
[Top] [All Lists]

Re: [TLS] Confirming consensus about one

Subject: Re: [TLS] Confirming consensus about one
From: Michael D'Errico
Date: Wed, 27 Jan 2010 10:55:31 -0800
Martin Rex wrote:
Nelson B Bolyard wrote:

What you wrote sounds more like you were expecting "old renegotiation" to
succeed.

Correct, I am expecting that.

That is a configuration option that implementations (hotfixes into
installed base, early during the transition) are likely required
to offer.

In my code, I added three boolean configuration options
which all default to false:

    AllowUnsafeInitialConnect
    AllowRenegotiation
    AllowUnsafeRenegotiation

Hopefully this will make it obvious to people that choosing
the Unsafe options are just that (though the first one will
be needed for a while yet).

Mike
_______________________________________________
TLS mailing list
TLS@xxxxxxxx
https://www.ietf.org/mailman/listinfo/tls

<Prev in Thread] Current Thread [Next in Thread>