[Fed-Talk] Safari RFC5746 renegotiation support?
[Fed-Talk] Safari RFC5746 renegotiation support?
- Subject: [Fed-Talk] Safari RFC5746 renegotiation support?
- From: "Disiena, Ridley J. (GRC-VO00)[DB Consulting Group, Inc.]" <email@hidden>
- Date: Fri, 15 Jul 2011 15:48:53 -0500
- Acceptlanguage: en-US
- Thread-topic: Safari RFC5746 renegotiation support?
Hey Folks,
I was wondering if anyone had any information if Safari now properly supports RFC5746 with regards to renegotiation. From testing we are guessing it not to be working. I was pointed to this bug report by a coworker. I'm wondering if this is a Fed / DoD bug origination and or if others have encountered the same issue.
Safari doesn't support RFC5746 (has broken SSL renegotiation) http://openradar.appspot.com/8696868
The older, pre RFC5746 renegotiation, was identified as susceptible to man in the middle attacks back in 2009 and should not be used. As the bug reports states, all other leading browsers now support RFC5746.
Thanks in advance,
NASA Emerging Technology and Desktop Standards
|
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden