Alan Buxey wrote: > Surely you'll now have to do this for all the past issues like the > recent session renegotiation openssl issue too? No, because the cache is disabled by default. Sites using a vulnerable version of OpenSSL can just disable the cache, and not worry about it. Alan DeKok.