Author christian.heimes
Recipients christian.heimes, chuq, ned.deily, njs
Date 2018-02-26.08:17:58
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1519633079.16.0.467229070634.issue32257@psf.upfronthosting.co.za>
In-reply-to
Content
The OP_NO_RENEGOTIATION option prevents renegotiation in TLS 1.2 and lower. Renegotiation is a problematic TLS feature that has led to security issues like CVE-2009-3555. TLS 1.3 has removed renegotiation completely in favor of much more reliable and simpler rekeying.

PR5904 just adds the constant to the list of options and documents it. I didn't add it earlier because it wasn't available in the OpenSSL 1.1.0 branch until now. The next upcoming release of 1.1.0 will have it.
History
Date User Action Args
2018-02-26 08:17:59christian.heimessetrecipients: + christian.heimes, ned.deily, njs, chuq
2018-02-26 08:17:59christian.heimessetmessageid: <1519633079.16.0.467229070634.issue32257@psf.upfronthosting.co.za>
2018-02-26 08:17:59christian.heimeslinkissue32257 messages
2018-02-26 08:17:58christian.heimescreate