Turning on TLS renegotiation

sonicool tomash87life at interia.pl
Tue Oct 18 11:01:50 EDT 2011 

Hi Trustin,I wanted to ask when this version 3.2.6 will be published? Because I have found release notes about it on the web, but still not .jar :). Thanks"Trustin Lee [via Netty Forums and Mailing Lists]" <ml-node+s685743n6876607h98 at n2.nabble.com> pisze:
                    Dayne,Thank you very much for the detailed explanation.  I've just re-enabled TLS renegotiation in Netty.  You will see this change in 3.2.6.Cheers-- Trustin Lee
                 
                On Sunday, September 25, 2011 at 7:45 PM, DLucas wrote:
                
                    Hi Trustin,Oracle has released a fix to TLS renegotiation flaws as per RFC 5746: http://www.oracle.com/technetwork/java/javase/documentation/tlsreadme2-176330.htmlhttp://www.oracle.com/technetwork/java/javase/documentation/tlsreadme2-176330.html According to that document, safe renegotiation is on by default: "Use of theproper RFC 5746 messages is optional, however legacy (original SSL/TLSspecifications) renegotiations are disabled if the proper messages are notused. Initial legacy connections are still allowed, but legacyrenegotiations are disabled. This is the best mix of security andinteroperability, and is the default setting."If this is the case then enabling re-negotiation on a JVM that is Java6Update 22 or higher will not be a security issue anymore.Best regards,Dayne--View this message in context: http://netty-forums-and-mailing-lists.685743.n2.nabble.com/Turning-on-TLS-renegotiation-tp6778465p6828889.htmlSent from the Netty User Group mailing list archive at Nabble.com._______________________________________________netty-users mailing list[hidden email]https://lists.jboss.org/mailman/listinfo/netty-users
                 
                 
                 
                 
                
                 
                
                    
_______________________________________________
netty-users mailing list
[hidden email]
https://lists.jboss.org/mailman/listinfo/netty-users
	what we call human nature in actuality is human habit
http://gleamynode.net/
	
		If you reply to this email, your message will be added to the discussion below:
		http://netty-forums-and-mailing-lists.685743.n2.nabble.com/Turning-on-TLS-renegotiation-tp6778465p6876607.html
	
	
		
		To unsubscribe from Turning on TLS renegotiation, click here.
	


----------------------------------------------------------------------
Nudzisz sie w pracy? 
Zagraj >>> http://linkint.pl/f2a65


--
View this message in context: http://netty-forums-and-mailing-lists.685743.n2.nabble.com/Turning-on-TLS-renegotiation-tp6778465p6904962.html
Sent from the Netty User Group mailing list archive at Nabble.com.

More information about the netty-users mailing list