to o com pises je spomenute napr. v
http://en.wikipedia.org/wiki/Transport_Layer_Secur ity
A vulnerability of the renegotiation procedure was discovered in August 2009 that can lead to plaintext injection attacks against SSLv3 and all current versions of TLS. For example, it allows an attacker who can hijack an https connection to splice their own requests into the beginning of the conversation the client has with the web server. The attacker can't actually decrypt the client-server communication, so it is different from a typical man-in-the-middle attack. A short-term fix is for web servers to stop allowing renegotiation, which typically will not require other changes unless client certificate authentication is used. To fix the vulnerability, a renegotiation indication extension has been proposed for TLS. It will require the client and server to include and verify information about previous handshakes in any renegotiation handshakes.[5] When a user doesn't pay attention to their browser's indication that the session is secure (typically a padlock icon), the vulnerability can be turned into a true man-in-the-middle attack
Neni to ziadne prelomenie SSL3.