Salz, Rich wrote:
The common practice is for clients to connect in the clear, then issue a command to turn
on TLS, such as the SMTP "STARTTLS" command.
It is only common practice for a small number of well known protocols.
This doesn't mean it is the best solution.
If you have a bespoke pro
El día Saturday, November 16, 2013 a las 08:36:33PM -0500, Dave Thompson
escribió:
> > I was thinking more in a solution where the client reads the first 8
> > bytes from the socket and checks if the beginning of the GoodMorning
> > message is there in clear text (like "220 SLNP") and if not
> >
> From: owner-openssl-users On Behalf Of Matthias Apitz
> Sent: Friday, November 15, 2013 14:43
> El día Friday, November 15, 2013 a las 12:58:40PM -0500, Watson, Patrick
> escribió:
>
> > Traditionally, there are 2 methods that immediately come to mind. One
> way is to have the SSL version of th
> I was thinking more in a solution where the client reads the first 8 bytes
> from the socket and checks if the beginning of the GoodMorning message is
> there > in clear text (like "220 SLNP") and if not it should handover this
> buffer and the socket fd for further SSL handshake... Is this po
El día Friday, November 15, 2013 a las 12:58:40PM -0500, Watson, Patrick
escribió:
> Traditionally, there are 2 methods that immediately come to mind. One way is
> to have the SSL version of the server listen on a different port than the
> plain text version. Alternatively, your protocol could
The common practice is for clients to connect in the clear, then issue a
command to turn on TLS, such as the SMTP "STARTTLS" command.
--
Principal Security Engineer
Akamai Technology
Cambridge, MA
__
OpenSSL Project
ner-openssl-us...@openssl.org]
On Behalf Of Matthias Apitz
Sent: Friday, November 15, 2013 5:20 AM
To: openssl-users@openssl.org
Subject: connecting to (openssl-) server in SSL or clear text
Hello,
We have application servers, written in C, which can be configured to do SSL or
not. In any case t
Hello,
We have application servers, written in C, which can be configured to do
SSL or not. In any case they send out a goodmorning message, ciphered
with SSL or in clear text if they run configured in clear text.
What would be the best method for a C-written client to figure out if
the server d
