Bodo Moeller wrote:
> While this is true, the SSLeay/OpenSSL behaviour makes sense in that
> the SSL 3 or TLS 1.0 methods accept just there specific protocols.
> When compatibility with SSL 2 client hello messages is desired (which,
> as you note, can be the case even if SSL 2 is not accepted), o
On Mon, Apr 05, 1999 at 02:49:59PM -0700, Roland Mechler wrote:
> I haven't seen a reply to this one, so here goes. I'm not clear on
> whether this is a bug or not. I haven't had a really close look at
> the code, but I think the issue is that the SSLv3 method won't
> accept Version 2.0 client he
I haven't seen a reply to this one, so here goes. I'm not clear on whether this
is a bug or not. I haven't had a really close look at the code, but I think the
issue is that the SSLv3 method won't accept Version 2.0 client hello messages.
I think it *ought* to, but the specs aren't entirely clear
It looks like that SSLv3_server_method and SSLv23_client_method cannot
talk to each other? It works ok if both are the same. The netscape
client also cannot talk to the OpenSSL SSL3 server.
I have thought that the SSL3 server should respond to the SSL23
request that use SSL3 instead of SSL2. Isn'
