On 01/03/2011 16:50, Filip Hanik - Dev Lists wrote:
> On 2/28/2011 5:27 PM, Mark Thomas wrote:
>> On 01/03/2011 00:16, Filip Hanik - Dev Lists wrote:
<snip/>
>>> 4. SSLAuthenticator should have a flag to fail directly without trying
>>> to reneg if the connector is misconfigured to avoid reneg for clients
>>> vulnerable to the man in the middle reneg attack
<snip/>
>> I don't understand what you mean in point 4. Could you try and expand on
>> that.
> Sure, a renegotiation with a non-updated client, IIRC, would bring
> CVE-2009-3555 SSL Man-In-The-Middle attack.
> Hence, some sysadmins should have the configuration option to only allow
> the initial handshake.
> Add in a flag that would say disableRenegotiation="true" (or similar).
> Meaning, the only time the valve would work is if clientAuth="true"
> in the connector.
Ah, got it. That should be doable. Need to be careful that the SSLAuthenticator can correctly distinguish between the two cases, but there should be enough information around already without the need to add another configuration option.

Mark

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
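For readers following the thread, this is what the configuration Filip describes looks like in Tomcat's server.xml and a web application's web.xml. It is an added illustration, not code from the thread or from the Tomcat project: the connector requests the client certificate during the initial handshake (clientAuth="true"), so SSLAuthenticator finds it already present and has no reason to trigger a renegotiation. The disableRenegotiation attribute Filip proposes is deliberately absent, since at this point in the thread it is only a suggestion, and the keystore paths and passwords are placeholders.

```xml
<!-- server.xml: HTTPS connector that asks for the client certificate during
     the initial TLS handshake (clientAuth="true"). Keystore and truststore
     paths and passwords are placeholders, not real values. -->
<Connector port="8443" protocol="HTTP/1.1"
           SSLEnabled="true" scheme="https" secure="true"
           sslProtocol="TLS"
           clientAuth="true"
           keystoreFile="conf/PLACEHOLDER-server.jks"
           keystorePass="PLACEHOLDER"
           truststoreFile="conf/PLACEHOLDER-trusted-cas.jks"
           truststorePass="PLACEHOLDER" />

<!-- web.xml: CLIENT-CERT authentication, which is what SSLAuthenticator
     handles. With clientAuth="true" on the connector, the certificate is
     already on the connection when the authenticator runs. With
     clientAuth="false" the authenticator would have to ask the connector for
     a certificate after the fact, i.e. a renegotiation, which is exactly the
     case the thread wants to be able to refuse outright. -->
<security-constraint>
  <web-resource-collection>
    <web-resource-name>Protected</web-resource-name>
    <url-pattern>/secure/*</url-pattern>
  </web-resource-collection>
  <auth-constraint>
    <role-name>cert-user</role-name>
  </auth-constraint>
  <user-data-constraint>
    <transport-guarantee>CONFIDENTIAL</transport-guarantee>
  </user-data-constraint>
</security-constraint>

<login-config>
  <auth-method>CLIENT-CERT</auth-method>
</login-config>
```

The check a sysadmin wants here is simple: if every context using CLIENT-CERT is served by a connector with clientAuth="true", the authenticator never has to renegotiate and the CVE-2009-3555 question does not arise for that path; any CLIENT-CERT application behind a connector with clientAuth="false" or "want" is the misconfiguration the thread is about.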