Renegotiating TLS
November 7th, 2009
Transport Layer Security (TLS, RFC 5246 and previous, including SSL v3 and previous) is subject to a number of serious man-in-the-middle (MITM) attacks related to renegotiation.
Update 11/15: CVE-2009-3555
The postings on this site are my own and don’t necessarily represent IBM’s positions, strategies, or opinions.
Transport Layer Security (TLS, RFC 5246 and previous, including SSL v3 and previous) is subject to a number of serious man-in-the-middle (MITM) attacks related to renegotiation.
Update 11/15: CVE-2009-3555