SSL/TLS: Renegotiation Vulnerability

Thread Rating:

0 Vote(s) - 0 Average
1
2
3
4
5

Linear Mode

SSL/TLS: Renegotiation Vulnerability

Alexandre Machado Offline

Administrator

Posts: 2,365
Threads: 217
Joined: Mar 2018
Reputation: 87
Location: Auckland, New Zealand

07-04-2023, 05:46 AM (This post was last modified: 07-04-2023, 05:46 AM by Alexandre Machado.)

This affects all OpenSSL versions as far as I know. I'll do some research but if this is not fixed in OpenSSL, it is a problem without solution, unless you move to Http.sys.

However, I'd like to point out that a gigantic part of Internet's HTTPS is powered by OpenSSL. I'm not convinced that these auditors consider half the world's HTTPS sites "unsafe"

Find

« Next Oldest | Next Newest »

Messages In This Thread

SSL/TLS: Renegotiation Vulnerability - by pgnair - 06-23-2023, 06:09 AM

RE: SSL/TLS: Renegotiation Vulnerability - by pgnair - 06-26-2023, 07:56 AM

RE: SSL/TLS: Renegotiation Vulnerability - by Alexandre Machado - 07-04-2023, 05:00 AM

RE: SSL/TLS: Renegotiation Vulnerability - by pgnair - 07-04-2023, 05:37 AM

RE: SSL/TLS: Renegotiation Vulnerability - by Alexandre Machado - 07-04-2023, 05:46 AM

RE: SSL/TLS: Renegotiation Vulnerability - by pgnair - 09-26-2023, 03:37 AM

RE: SSL/TLS: Renegotiation Vulnerability - by mhammady - 09-26-2023, 04:08 PM

RE: SSL/TLS: Renegotiation Vulnerability - by Alexandre Machado - 09-27-2023, 06:55 AM

RE: SSL/TLS: Renegotiation Vulnerability - by pgnair - 09-29-2023, 02:43 AM

View a Printable Version

Users browsing this thread: 1 Guest(s)

Login
Username:
Password:	Lost Password?
	Remember me