Turning on TLS renegotiation
"이희승 (Trustin Lee)"
trustin at gmail.com
Tue Oct 25 20:39:09 EDT 2011
It's out. Release announcement is not made yet because of laziness, but
will be out eventually. :-)
sonicool wrote:
> Hi Trustin,I wanted to ask when this version 3.2.6 will be
published? Because I have found release notes about it on the web, but
still not .jar :). Thanks"Trustin Lee [via Netty Forums and Mailing
Lists]"<ml-node+s685743n6876607h98 at n2.nabble.com> pisze:
> Dayne,Thank you very much for the detailed explanation. I've
just re-enabled TLS renegotiation in Netty. You will see this
change in 3.2.6.Cheers-- Trustin Lee
>
> On Sunday, September 25, 2011 at 7:45 PM, DLucas wrote:
>
> Hi Trustin,Oracle has released a fix to TLS renegotiation flaws as
per RFC 5746:
http://www.oracle.com/technetwork/java/javase/documentation/tlsreadme2-176330.htmlhttp://www.oracle.com/technetwork/java/javase/documentation/tlsreadme2-176330.html
According to that document, safe renegotiation is on by default: "Use of
theproper RFC 5746 messages is optional, however legacy (original
SSL/TLSspecifications) renegotiations are disabled if the proper
messages are notused. Initial legacy connections are still allowed, but
legacyrenegotiations are disabled. This is the best mix of security
andinteroperability, and is the default setting."If this is the case
then enabling re-negotiation on a JVM that is Java6Update 22 or higher
will not be a security issue anymore.Best regards,Dayne--View this
message in context:
http://netty-forums-and-mailing-lists.685743.n2.nabble.com/Turning-on-TLS-renegotiation-tp6778465p6828889.htmlSent
from the Netty User Group mailing lis!
> t archive at
Nabble.com._______________________________________________netty-users
mailing list[hidden
email]https://lists.jboss.org/mailman/listinfo/netty-users
>
>
>
>
>
>
>
>
> _______________________________________________
> netty-users mailing list
> [hidden email]
> https://lists.jboss.org/mailman/listinfo/netty-users
> what we call human nature in actuality is human habit
> http://gleamynode.net/
>
> If you reply to this email, your message will be added to the
discussion below:
>
http://netty-forums-and-mailing-lists.685743.n2.nabble.com/Turning-on-TLS-renegotiation-tp6778465p6876607.html
>
>
>
> To unsubscribe from Turning on TLS renegotiation, click here.
>
>
>
> ----------------------------------------------------------------------
> Nudzisz sie w pracy?
> Zagraj>>> http://linkint.pl/f2a65
>
>
> --
> View this message in context:
http://netty-forums-and-mailing-lists.685743.n2.nabble.com/Turning-on-TLS-renegotiation-tp6778465p6904962.html
> Sent from the Netty User Group mailing list archive at Nabble.com.
>
> _______________________________________________
> netty-users mailing list
> netty-users at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/netty-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/netty-users/attachments/20111025/4967d3c1/attachment.html
More information about the netty-users
mailing list