SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS
Arran Cudbard-Bell
a.cudbardb at freeradius.org
Fri Apr 15 03:56:31 CEST 2016
Anyone see an issue with disabling TLS renegotiation by default?
As far as I can tell it's not explicitly required by any EAP flavour. Not mentioned in EAP-TLS RFC, which is what most methods base their TLS wrapper on.
Would seem to protect against 3SHAKE.
-Arran
Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS Development Team
FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 872 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20160414/ef0b632b/attachment-0001.sig>
More information about the Freeradius-Users
mailing list