[gnutls-help] disable renogotiation
John
johnbast at protonmail.com
Wed Jun 16 12:15:47 CEST 2021
Hello,
Is there a way in Gnutls to disable renogotiation on TLS and a way to disable client initiated secure renegotiation?
This is useful to harden the server. For example Exim4+Gnutls on Debian 10. There does not seem to be a need to support renegotiation or resumption on a mail server, because STARTTLS sessions are set up in each SMTP session. Disabling renegotiation reduces the attack surface.
Thanks
John
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-help/attachments/20210616/73510c0e/attachment.html>
More information about the Gnutls-help
mailing list