> > doesn't work with the recent renegotiation bug.
> 
> disable renegotiation.
> 
> > but i don't
> > think one can dismiss dns as a non-issue.
> 
> dns is a non-issue if the rest of ssl is working.
> dns is irrelevant if it isn't.

the renegotiation bug is a protocol flaw.  i'm
not so sure i trust ssl enough to decide i don't
care of dns gets hijacked.

- erik

Reply via email to