[erlang-questions] SSL renegotiation
Ingela Andin
ingela.andin@REDACTED
Wed May 15 18:58:34 CEST 2013
Hi Niclas!
2013/5/14 Niclas Eklund <nick@REDACTED>
> Hi!
>
> Out of curiosity, why is this timelimit hardcoded and why was 12 choosen?
>
>
To be long enough to mitigate the dos attack but short enough to not cause
any disturbance. If you think it would be really useful to you to be able
to configure this timeout you are welcome to make a patch suggestion. It
is easier to add things than to remove them so it is a question
of priorities.
> -define(WAIT_TO_ALLOW_**RENEGOTIATION, 12000).
>
> 42 would have made more sense since it's the meaning of life ;-)
>
>
I do agree that it would have been much more fun to to module the world in
terms of
The *Hitchhiker's Guide to the
Galaxy*<https://www.google.se/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&ved=0CC0QFjAA&url=http%3A%2F%2Fen.wikipedia.org%2Fwiki%2FThe_Hitchhiker's_Guide_to_the_Galaxy&ei=a72TUc-VNeSA4gTcjYDAAQ&usg=AFQjCNGlUHf3hu9VSnk5AQIl4a1aaN1fpg&sig2=bIGFlDIDE83m9G9ov8a8ig&bvm=bv.46471029,d.bGE>
;)
Regards Ingela Erlang/OTP team - Ericsson AB
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20130515/4b81b824/attachment.htm>
More information about the erlang-questions
mailing list