Code review request, 7188658 Add possibility to disable client initiated renegotiation
Matthew Hall
mhall at mhcomputing.net
Wed May 29 17:11:24 UTC 2013
On Wed, May 29, 2013 at 07:06:41PM +0200, Bernd Eckenfels wrote:
> PS: I still would prefer to allow applications to deal with this by having a
> synchronous handshake listener (which could then count handshake frequency
> and close the socket).
Expecting applications to do this would not be secure by default, and would
result in a lot of cut-and-paste code. At minimum there should be a reasonable
default implementation which does something sane, that an app could choose to
manually override if there was a good reason for it.
Matthew.