Hello, > > Application layer do not see this. > > Right, that's why I suggested making it visible to the application > layer. > The application layer already has to have code to handle excessive load > because there are many ways to place load that are not visible at the SSL > layer. Better to have one complete solution than two pieces of a solution. My post was only a simple question :-) Using renegotiation to slow down (or hang) ssl server depends on situation. It is not even specific to OpenSSL implementation. But in this days, we have many devices witch acts as ssl severs (for management purpose for example) like routers, hubs, switches, management cards ... In most sites there is no load-balancers, hardware-accelerators, "intelligent" monitoring software (with cpu quota feature for example). If there is mechanism to request renegotiation after some time elapsed or data transfered, maybe there should be mechanism to check minimum values of this parameters when renegotiation may occur.
Best regards, -- Marek Marcola <[EMAIL PROTECTED]> ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
