Client-initiated secure renegotiation
aki.tuomi at dovecot.fi
Thu Mar 10 11:23:24 UTC 2016
On 10.03.2016 12:40, Osiris wrote:
> That's just the question of Florent: how to disable Secure
> Client-Initiated Renegotiation.
There is no way to disable this in OpenSSL, and the CVE you refer to has
been disputed. Please see
Without altering OpenSSL sources, secure renegotiations will take place.
More information about the dovecot