TLS & SSLv3 renegotiation vulnerability explained

Published: 2009-11-13. Last Updated: 2011-01-25 00:02:08 UTC
by Adrien de Beaupre (Version: 1)
0 comment(s)

Thierry Zoller has written a nice summary of the TLS & SSLv3 renegotiation vulnerability. He covers examples, impacts, solutions, and a conclusion. It can be found here: http://www.g-sec.lu/practicaltls.pdf. The ISC previously discussed the vulnerability here: http://isc.sans.org/diary.html?storyid=7534 and the OpenSSL update here: http://isc.sans.org/diary.html?storyid=7543.

Cheers,
Adrien de Beaupré
Intru-shun.ca Inc.

0 comment(s)

Comments


Diary Archives