httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 47055] SSLVerifyClient + Directory doesn't use cache sessions
Date Mon, 09 Nov 2009 16:56:49 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=47055

--- Comment #43 from Mike <mike.pechkin@gmail.com> 2009-11-09 08:56:47 UTC ---
Ruediger, 

1. does the config still vulnerable if user redirects to
"/mihailp1/www-secure/s" only after double authentication by soft
(password-pin)?
2. why *this* config vulnerable if i disable renegotiation initiated by client?

Thank you.

-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message