From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=-0.1 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU autolearn=ham autolearn_force=no version=3.4.4 Received: (qmail 26591 invoked from network); 21 Jan 2023 17:30:58 -0000 Received: from 9front.inri.net (168.235.81.73) by inbox.vuxu.org with ESMTPUTF8; 21 Jan 2023 17:30:58 -0000 Received: from mx1.mythic-beasts.com ([46.235.224.141]) by 9front; Sat Jan 21 12:29:26 -0500 2023 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=quintile.net; s=mythic-beasts-k1; h=To:Date:Subject:From; bh=fJEtNbKl6FShkd3XRQGvmT5PV6hOJj+r4RZUIpZCyTE=; b=peF7ERBjCo8q7SB/kDeYfPOe0v A+NSadbHkswo/G3Qap5jS5/9XRQZekalaElqOW5BAwME+J8PNMsxvrkOXWyzZnKXjp7dPpCELzDZ+ 4NIJsfQmG3QNw6v581Q1Ss0oxkLZpzoIa4mm2B9DjPMbcswhMKtkOyVWvHza+9A2CNXMo3mNmNJX9 xlKuQeU6G9DMSitYUvRweujkboaJkQS2a3KeswXHxJUhIyPsa6YK69mr7nPcS55ubRqXxJsvgoQwV ymNJ4P53f9Tz1wDmNQ1LCx0FiyCvas2cEvWHjsYcD3u7F3zp0bVcqQcL6hdIounUTGZ50t0FBOOCy aSzHNaFQ==; Received: from [81.187.198.132] (port=59118 helo=smtpclient.apple) by mailhub-cam-d.mythic-beasts.com with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1pJHgD-00EUwc-3W for 9front@9front.org; Sat, 21 Jan 2023 17:29:25 +0000 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable From: Steve Simon Mime-Version: 1.0 (1.0) Date: Sat, 21 Jan 2023 17:29:13 +0000 Message-Id: References: In-Reply-To: To: 9front@9front.org X-Mailer: iPhone Mail (20C65) X-BlackCat-Spam-Score: 4 List-ID: <9front.9front.org> List-Help: X-Glyph: ➈ X-Bullshit: open webscale package session API descriptor Subject: Re: [9front] [PATCH] libsec: add minimal support for the tls renegotiation extension Reply-To: 9front@9front.org Precedence: bulk from the point of view of not knowing the protocol at all, but=E2=80=A6 could you still take part in the renegotiations but then refuse to accept an= ything insecure? -Steve > On 21 Jan 2023, at 12:54 pm, hiro <23hiro@gmail.com> wrote: >=20 > =EF=BB=BFNo, you're right, I just wonder what kept the openssl people from= > fixing this problem on their side? Since we have unsafe renegotiations > disabled, we're doing the right and safe thing. so why can't they deal > with it?