As has been seen in my last few commits, I got a bit obsessed with
compression. The way it works now, at least in 0.9.8-dev, is
compliant with draft-ietf-tls-compression-05.txt, as far as I can
tell.
The only thing that remains is something that itches me quite a bit.
As soon as SSLv23 is used, we can kiss compression goodbye, even if
SSLv2 has been disabled.
Since I haven't gone too much into the ssl/ part of OpenSSL, I have a
hard time figuring out what's appropriate to do here. What I would
*like* to do is have the SSLv23 connect make a SSLv3-compatible
connect when SSLv2 has been disabled, instead of the current behavior
(always a V2ClientHello, no matter what). Is that a feasible thing to
do? What traps could I fall in to? What quirks should I watch out
for? Will that work with the servers out there (provided they aren't
SSLv2-only)? Other thoughts?
--
Richard Levitte \ Tunnlandsvägen 3 \ [EMAIL PROTECTED]
[EMAIL PROTECTED] \ S-168 36 BROMMA \ T: +46-8-26 52 47
\ SWEDEN \ or +46-708-26 53 44
Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED]
Member of the OpenSSL development team: http://www.openssl.org/
Unsolicited commercial email is subject to an archival fee of $400.
See <http://www.stacken.kth.se/~levitte/mail/> for more info.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
