----- Original Message ----- From: Amos Jeffries <squid3@xxxxxxxxxxxxx> > Renegotiating to an insecure version or cipher set is an issue to be > fixed by configuring tls-min-version=1.Y and tls-options= disabling > unwanted ciphers etc. > > The potential DoS related to renegotiation is now prevented by rate > limiting. > > The current generation of OpenSSL libraries (1.0+) all contain built-in > protection from older forms of renegotiate that had other CVE issues. Thanks again, Amos! _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
