Hi there, On October 7, 2003 10:28 pm, Richard Levitte - VMS Whacker wrote: > I think that part is already answered by the following, taken from > appendix E in RFC 2246: > > TLS version 1.0 and SSL 3.0 are very similar; thus, supporting both > is easy. TLS clients who wish to negotiate with SSL 3.0 servers > should send client hello messages using the SSL 3.0 record format > and client hello structure, sending {3, 1} for the version field to > note that they support TLS 1.0. If the server supports only SSL 3.0, it > will respond with an SSL 3.0 server hello; if it supports TLS, with a > TLS server hello. The negotiation then proceeds as appropriate for the > negotiated protocol.
Which reminds me, I'm not sure yet about my last post's comments on this "sslv3/tlsv1 methods can't internegotiate" stuff - I'm less sure now of what I was seeing than I was when I was seeing it. However I still leave my other comments from that post up as open questions; in particular, I'm still wondering how an attacker could be prevented from rewriting SSLv2-compatible ClientHellos as v2-only and getting away with it. > So my question is rather what kind of stuff might I run in to in the > OpenSSL code? One thing I've figured out is that it's not as easy as > simply calling the SSLv3 send client hello routine from the SSLv23 > one... I need to look closer at this too but I have a suspicion that the vtable-gymnastics in the v23 wrapper might need to be replicated for v31. Ie. perhaps we'll need a new negotiator-method just for versions with major number 0x03? Then again, perhaps this is already "there" but I just don't see it yet ... :-) Cheers, Geoff -- Geoff Thorpe [EMAIL PROTECTED] http://www.geoffthorpe.net/ ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]