Comments on: OpenSSL : CVE-2009-3555 security fix and mod_ssl client authentication breakage http://www.phocean.net/2009/11/28/openssl-cve-2009-3555-security-fix-and-mod_ssl-client-authentication-breakage.html?utm_source=rss&utm_medium=rss&utm_campaign=openssl-cve-2009-3555-security-fix-and-mod_ssl-client-authentication-breakage "A defense that hedgehogs possess is the ability to roll into a tight ball, causing all of the spines to point outwards." -- Wikipedia Wed, 09 Nov 2011 11:04:26 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: JC http://www.phocean.net/2009/11/28/openssl-cve-2009-3555-security-fix-and-mod_ssl-client-authentication-breakage.html/comment-page-1#comment-1813 JC Sat, 28 Nov 2009 22:46:21 +0000 http://www.phocean.net/?p=524#comment-1813 Oops :D No we rather bindly trust the maintainer... That said, even if I read this changelog, as I did not know about ssl renegociation with clients before this issue, it wouldn't have helped me immediatly... Good lesson anyway, I will be more careful in the future. Oops :D
No we rather bindly trust the maintainer…
That said, even if I read this changelog, as I did not know about ssl renegociation with clients before this issue, it wouldn’t have helped me immediatly…
Good lesson anyway, I will be more careful in the future.

]]> By: Stefan Seyfried http://www.phocean.net/2009/11/28/openssl-cve-2009-3555-security-fix-and-mod_ssl-client-authentication-breakage.html/comment-page-1#comment-1812 Stefan Seyfried Sat, 28 Nov 2009 21:38:32 +0000 http://www.phocean.net/?p=524#comment-1812 Note that this was actually mentioned in the patch info. Cite: "Please note that renegotiation will be disabled by this update and may cause problems in some cases." But yes, of course nobody reas those ;) Note that this was actually mentioned in the patch info.

Cite:
“Please note that renegotiation will be disabled by this update and may cause problems in some cases.”

But yes, of course nobody reas those ;)

]]>