Thierry Zoller has written a nice summary of the TLS & SSLv3 renegotiation vulnerability. He covers examples, impacts, solutions, and a conclusion. It can be found here: http://www.g-sec.lu/practicaltls.pdf. The ISC previously discussed the vulnerability here: http://isc.sans.org/diary.html?storyid=7534 and the OpenSSL update here: http://isc.sans.org/diary.html?storyid=7543. Cheers, |
Adrien de Beaupre 353 Posts ISC Handler Nov 13th 2009 |
Thread locked Subscribe |
Nov 13th 2009 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!