WhiteBoard Wednesday: SSL Renegotiation

We all know that a client and a server have to negotiate a connection before they can talk securely via HTTPS.  But, did you know that, in some cases, that same client and server will need to "renegotiate" their secure connection while they are still talking securely?  In this video, John talks about SSL renegotiation and covers a new feature in the BIG-IP that helps protect web servers from potential asymmetric DoS attacks.  Enjoy!

 

 

 

Related Resources:

https://devcentral.f5.com/s/articles/ssl-profiles-part-6-ssl-renegotiation

 

Published Sep 30, 2015
Version 1.0
application delivery
LTM
security
ssl
wbw
  • Rav1G's avatar
    Rav1G
    Icon for Employee rankEmployee
    Oct 04, 2015
    Hi, just noticed a small mistake; "bad guy" client sends Client Hellos not Server Hellos.
  • ltwagnon's avatar
    ltwagnon
    Ret. Employee
    Oct 05, 2015
    @Rav1G: you are exactly right. Thanks for the catch on this. I should have said "Client Hello" instead of "Server Hello" at the 3:42 mark. Thanks again for the great catch on this!