TLS renegotiation status update


It’s been a while since I last checked any news or used a computer. I was away for more than a month spending time with our new baby daughter and almost completely disconnected from the tubes of the net.

Now that I’m back, I wanted to point to a patch from Microsoft that allows admins to disable TLS renegotiation on both the client and the server side. The security advisory is 977377 and MSRC has published a blog post with a bit more details.

The new RFC that will outline the changes needed to the TLS protocol to fix the problem is almost there and should be out “real soon now”.

Tags: , , ,

Leave a Reply

You must be logged in to post a comment.