Date: Thu, 10 Dec 2009 12:15:55 +0100 From: =?UTF-8?B?Qm9nZGFuIMSGdWxpYnJr?= <bc@default.rs> To: freebsd-security@freebsd.org Cc: wollman@bimajority.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-09:15.ssl Message-ID: <4B20D86B.7080800@default.rs>
next in thread | raw e-mail | index | archive | help
> Actually, pretty much anyone who uses client certificates in an > enterprise environment is likely to have a problem with this, which is > why the IETF TLS working group is working on publishing a protocol > fix. It looks like that RFC should be published, at Proposed > Standard, in a few weeks, and most vendors look prepared to release > implementations of the fix immediately thereafter (as soon as the > relevant constants are assigned by IANA). > > -GAWollman This advisory kinda made big problem here in local (things stopped working). I had to do rollback this update because of "session renegotiation" breakage. Is there some workaround to make things work along with this advisory? Maybe switch to ports/security/openssl ? Can anyone comment on this one? Thanks in advance. =bc
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4B20D86B.7080800>