It seems that the semantics of the "renegotiation_info" extension are slightly muddy. Qualys understands it to mean that the server will not perform insecure renegotiation, full stop. But OpenSSL further understands it to mean that the server *will* perform secure negotiation. OpenSSL therefore makes it difficult to simultaneously satisfy both of Qualys's expectations, since disabling all renegotiation will cause it not to send the "renegotiation_info" extension. Popular open source web servers implement a workaround which achieves Qualys's desired behavior. Comments?
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
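The check a scanner performs for the first of the two expectations above, as an added example that is not part of the post and not Qualys's or OpenSSL's code: a small parser that reads a TLS 1.2 ServerHello record and reports whether the server advertised the renegotiation_info extension (type 0xff01, RFC 5746). The ServerHello bytes are constructed inline for the example, not captured from a real server.

```python
import struct

RENEGOTIATION_INFO = 0xFF01  # extension type assigned by RFC 5746


def build_server_hello(extensions):
    """Build a minimal TLS 1.2 ServerHello record (constructed sample data).

    `extensions` is a list of (type, data) pairs placed in the extensions block.
    """
    body = b"\x03\x03" + bytes(32)      # server_version, 32-byte random (zeroed sample)
    body += b"\x00"                      # empty session_id
    body += b"\xc0\x2f"                  # TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
    body += b"\x00"                      # null compression
    ext_bytes = b"".join(struct.pack("!HH", t, len(d)) + d for t, d in extensions)
    body += struct.pack("!H", len(ext_bytes)) + ext_bytes
    handshake = b"\x02" + len(body).to_bytes(3, "big") + body   # HandshakeType server_hello
    return b"\x16\x03\x03" + struct.pack("!H", len(handshake)) + handshake


def parse_server_hello_extensions(record):
    """Return {extension_type: extension_data} from a single-record ServerHello."""
    if record[0] != 0x16 or record[5] != 0x02:
        raise ValueError("not a ServerHello handshake record")
    hs_len = int.from_bytes(record[6:9], "big")
    body = record[9:9 + hs_len]
    pos = 2 + 32                         # skip server_version and random
    pos += 1 + body[pos]                 # skip session_id (length-prefixed)
    pos += 2 + 1                         # skip cipher_suite and compression_method
    if pos >= len(body):
        return {}                        # server sent no extensions block at all
    ext_len = struct.unpack("!H", body[pos:pos + 2])[0]
    pos += 2
    end = pos + ext_len
    exts = {}
    while pos < end:
        ext_type, length = struct.unpack("!HH", body[pos:pos + 4])
        exts[ext_type] = body[pos + 4:pos + 4 + length]
        pos += 4 + length
    return exts


def secure_renegotiation_advertised(record):
    """True iff the server signalled RFC 5746 support in its ServerHello.

    Absence of the extension cannot tell 'renegotiation disabled entirely'
    apart from 'insecure renegotiation', which is the ambiguity discussed above.
    """
    data = parse_server_hello_extensions(record).get(RENEGOTIATION_INFO)
    # On an initial handshake renegotiated_connection is empty: a single 0x00 length byte.
    return data == b"\x00"
```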