Thierry Zoller has written a nice summary of the TLS & SSLv3 renegotiation vulnerability. He covers examples, impacts, solutions, and a conclusion. It can be found here: http://www.g-sec.lu/practicaltls.pdf. The ISC previously discussed the vulnerability here: http://isc.sans.org/diary.html?storyid=7534 and the OpenSSL update here: http://isc.sans.org/diary.html?storyid=7543.

Cheers,
Adrien de Beaupré
EWA-Canada.com