diff options
| author | rcritten <> | 2010-03-18 18:34:46 +0000 |
|---|---|---|
| committer | rcritten <> | 2010-03-18 18:34:46 +0000 |
| commit | 78df57bee4d00b4f5e0b213a4cd82a76036c51c0 (patch) | |
| tree | 569e74780e602fcc609be33518c5374517b44a72 /nss.conf.in | |
| parent | 63440400c246bb997c906b301e7b3b1566448189 (diff) | |
| download | mod_nss-78df57bee4d00b4f5e0b213a4cd82a76036c51c0.tar.gz mod_nss-78df57bee4d00b4f5e0b213a4cd82a76036c51c0.tar.xz mod_nss-78df57bee4d00b4f5e0b213a4cd82a76036c51c0.zip | |
Add TLS renegotiation options to the configuration file
Diffstat (limited to 'nss.conf.in')
| -rw-r--r-- | nss.conf.in | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/nss.conf.in b/nss.conf.in index 65d2406..4411cdc 100644 --- a/nss.conf.in +++ b/nss.conf.in @@ -64,6 +64,17 @@ NSSRandomSeed startup builtin #NSSRandomSeed startup file:/dev/random 512 #NSSRandomSeed startup file:/dev/urandom 512 +# +# TLS Negotiation configuration under RFC 5746 +# +# Only renegotiate if the peer's hello bears the TLS renegotiation_info +# extension. Default off. +NSSRenegotiation off + +# Peer must send Signaling Cipher Suite Value (SCSV) or +# Renegotiation Info (RI) extension in ALL handshakes. Default: off +NSSRequireSafeNegotiation off + ## ## SSL Virtual Host Context ## |