Hacker News new | past | comments | ask | show | jobs | submit login

Smart cards (like the DoD Common Access Card/CAC) solve #1 and #3 (no dice on 2 yet).



Renegotiation is fixed in all major browsers and servers with the implementation of RFC 5746. http://tools.ietf.org/html/rfc5746

Unless you're a year or so out of date on your patches, renegotiation works better than ever.


Thanks, I missed that somehow. Although, I did say DoD clients, so odds are they're out of date still.

Neat to get the update from the guy I watched keynote about the problem in the first place though!




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: