Date: Thu, 10 Dec 2009 15:55:35 +0100 From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des@des.no> To: Dan Lukes <dan@obluda.cz> Cc: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-09:15.ssl Message-ID: <86hbrylvyw.fsf@ds4.des.no> In-Reply-To: <4B2101D8.7010201@obluda.cz> (Dan Lukes's message of "Thu, 10 Dec 2009 15:12:40 %2B0100") References: <4B20D86B.7080800@default.rs> <86my1rm4ic.fsf@ds4.des.no> <4B20E812.508@default.rs> <4B2101D8.7010201@obluda.cz>
next in thread | previous in thread | raw e-mail | index | archive | help
Dan Lukes <dan@obluda.cz> writes: > Even after the patch has been installed, my browser is still able to > connect to SSL aware HTTP servers. My MUA is still sending/receiving > emails over SMTP/SSL and IMAP/SSL ... Do you use client-side certificates? > I'm not saying you have no problem, i'm saying the problem is not as > general as you claim. So we need exact description of your problem. Language barrier. What he actually meant was "all communication between these two applications that we use relies on session renegotiation" without specifying exactly *which* applications, probably because they're in-house and / or confidential. DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?86hbrylvyw.fsf>