I can't find how to set "no" "ECDH public server param reuse" IIS, is anybody know to how?
I am not aware of a way to do it. Anecdotally, IIS caches its server values for a limited period of time, making exploitation unlikely.
windows default cache setting none;ECDH public server param reuse YES (orange) (not good)
windows cache settings to 0;HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\MaximumCacheSize to 0HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\ServerCacheTime to 0
ssl test;Session resumption (caching) NO (orange) (not good)ECDH public server param reuse YES (orange) (not good)
I checked microsoft.com 5 sites (SSL Server Test: microsoft.com (Powered by Qualys SSL Labs) );
Microsoft official answer is "by design" and cannot be change settings.
Retrieving data ...