Nelson,
can you say something about whether & when Firefox will deliver "relief"
for this issue?
My motivation for the question is here:
http://financialcryptography.com/mt/archives/001210.html
iang
On 07/12/2009 10:22, Nelson B Bolyard wrote:
NSS version 3.12.5 has been released in source code form from the master
upstream CVS repository with the CVS NSS_3_12_5_RTM.
The relief consists of disabling the vulnerable renegotiation feature of
the SSL3/TLS protocol by default in both clients and servers, whether
initiated by the process at the local or remote end of the connection.
Both, local and remote. OK.
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
