João Távora пишет:
TCP does not provide "delivery assurance". If the application needs
to know
the data got through, it must use application-level ackwowledgements.
SSL
does not change this and provides the same set of guarantees and
assurances
TCP does.
I'm sorry to disagree but TCP, unli
TCP allows for hijacking -- but the fact that the SSL/TLS layer uses
secret, ever-changing HMACs means that an attacker cannot pass any
data to the hijacked session without it being detected and a protocol
error resulting. (Much less the encryption key for all but NULL
ciphers.)
TCP guarantees de
TCP does not provide "delivery assurance". If the application needs
to know
the data got through, it must use application-level
ackwowledgements. SSL
does not change this and provides the same set of guarantees and
assurances
TCP does.
I'm sorry to disagree but TCP, unlike UDP, does prov
On Sun, May 17, 2009 at 07:16:47PM +0200, Ger Hobbelt wrote:
> See ongoing discussion regarding DTLS: this is something that should
> be adjusted in the next CVS, if I read Mr. Henson's messages
> correctly. DTLS is in progress, so expect some issues in the near
> future: snapshots are a, after all
João wrote:
> Hi
>
> I'm glad for your negative answer and that's also what I suspect :-)
>
> ... but I didn't really understand why.
>
> Maybe I didn't really fully explain myself, the problem is not really
> ensuring secrecy and integrity, it's ensuring delivery.
No protocol can ensure the oth
Hi
I'm glad for your negative answer and that's also what I suspect :-)
... but I didn't really understand why.
Maybe I didn't really fully explain myself, the problem is not really
ensuring secrecy and integrity, it's ensuring delivery.
As I understand it this is normally done with TCP ACK
On Fri, May 15, 2009 at 12:47 AM, Alex Takeshita
wrote:
> Hi, how can I use your OpenSSL include in my software developed in Visual
> Basic 6?
>
> Do you have any tutorial or tips for me? I'm a little lost!
>
> Thanks for your attention!
wow. VB6. That's long ago I ran into that bugger...
wel
See ongoing discussion regarding DTLS: this is something that should
be adjusted in the next CVS, if I read Mr. Henson's messages
correctly. DTLS is in progress, so expect some issues in the near
future: snapshots are a, after all, only snaps of the development
process at work.)
Take care,
Ger
No.
Part of the SSL/TLS handshake protocol is the definition of what the
content of the message should include -- i.e., the HMAC. If it
doesn't exist or is different from what it's supposed to be, the side
that failed to validate it sends a decryption_error fatal alert and
closes the connection.
Hi,
I've got a newbie question about a possible SSL/OpenSSL
Consider two machines A and B and a man-in-the-middle, Z, who can
snoop traffic.
A and B exchange certificates securely, i.e. Z lets the SSL handshake
through. Therefore A sends a first application-data message to B.
Z cannot re
10 matches
Mail list logo
