
TLS negotiation flaw published

Steve Dispensa and Marsh Ray have published a paper describing a weakness in the TLS negotiation process. This is the same attack discussed on the IETF TLS list.

From the whitepaper

"Transport Layer Security (TLS, RFC 5246 and previous, including SSL v3 and previous) is subject to a number of serious man-in-the-middle (MITM) attacks related to renegotiation. In general, these problems allow an MITM to inject an arbitrary amount of chosen plaintext into the beginning of the application protocol stream, leading to a variety of abuse possibilities. In particular, practical attacks against HTTPS client certificate authentication have been demonstrated against recent versions of both Microsoft IIS and Apache httpd on a variety of platforms and in conjunction with a variety of client applications. Cases not involving client certificates have been demonstrated as well. Although this research has focused on the implications specifically for HTTP as the application protocol, the research is ongoing and many of these attacks are expected to generalize well to other protocols layered on TLS.

There are three general attacks against HTTPS discussed here, each with slightly different characteristics, all of which yield the same result: the attacker is able to execute an HTTP transaction of his choice, authenticated by a legitimate user (the victim of the MITM attack). Some attacks result in the attacker-supplied request generating a response document which is then presented to the client without any certificate warning or other indication to the user. Other techniques allow the attacker to forward or re-purpose client certificate authentication credentials."

The full document in pdf format: Renegotiating_TLS.pdf
Some helpful protocol diagrams: Renegotiating_TLS_pd.pdf
Packet captures: renegotiating_tls_20091104_pub.zip
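To make the quoted abstract's point concrete, here is a small added model (not code from the CGISecurity post, the whitepaper, or any server project) of how an HTTPS server's application layer sees bytes arriving on either side of a renegotiation, and why treating the renegotiation as a hard boundary between handshake contexts defeats the injected-prefix problem. The `Record` type, the toy HTTP parser, the two server functions and the sample traffic are all constructed for this illustration; real servers fixed this at the TLS layer, so the model only captures the defensive principle, not an actual implementation.

```python
# Added model; not code from the CGISecurity post or the Ray/Dispensa paper.
from dataclasses import dataclass

@dataclass
class Record:
    """Application-data bytes tagged with the handshake that produced them."""
    epoch: int          # 1 = initial handshake, 2 = after a renegotiation
    client_auth: bool   # did that handshake present a client certificate?
    data: bytes

def parse_request(stream, authenticated):
    """Tiny HTTP/1.1 parser: None until the blank line arrives (bodies ignored)."""
    head, sep, _body = stream.partition(b"\r\n\r\n")
    if not sep:
        return None
    lines = head.split(b"\r\n")
    method, path, _version = lines[0].split(b" ", 2)
    headers = dict(line.split(b": ", 1) for line in lines[1:])
    return {"method": method.decode(), "path": path.decode(),
            "headers": {k.decode(): v.decode() for k, v in headers.items()},
            "authenticated": authenticated}

def vulnerable_server(records):
    """Pre-fix behaviour: one continuous stream, credentials of the latest handshake."""
    stream = b"".join(r.data for r in records)
    return parse_request(stream, records[-1].client_auth)

def hardened_server(records):
    """Defensive rule: a renegotiation is a hard boundary. Bytes buffered under
    one handshake context are never joined with bytes from the next."""
    results, buf, epoch = [], b"", None
    for r in records:
        if epoch is not None and r.epoch != epoch and buf:
            results.append(("dropped_at_renegotiation", buf))
            buf = b""
        epoch, buf = r.epoch, buf + r.data
        req = parse_request(buf, r.client_auth)
        if req is not None:
            results.append(("served", req))
            buf = b""
    return results

# Constructed sample: an MITM-supplied prefix with an unterminated header in the
# first handshake context, then the victim's request after the client-cert renegotiation.
SAMPLE = [
    Record(1, False, b"GET /transfer?to=mallory HTTP/1.1\r\nX-Ignore: "),
    Record(2, True, b"GET /balance HTTP/1.1\r\nHost: bank.example\r\n\r\n"),
]
```

Run against `SAMPLE`, `vulnerable_server` returns the prefix's request line carrying the victim's client-certificate authentication, while `hardened_server` drops the unfinished prefix at the boundary and serves only the victim's own request.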