Eric Rescorla wrote:
> Ben Laurie <[EMAIL PROTECTED]> writes:
>>> And we need SSL v2 to die so it doesn't interfere
>>> with the above.
>> Actually, you just disable it in the server. I don't see why we need
>> anything more than that.
> 
> The problem is that the ServerHostName extension that signals
> which host the client is trying to contact is only available
> in the TLS ClientHello.

Sure, but if the server won't negotiate SSL 2, why is this a problem?
-- 
http://www.apache-ssl.org/ben.html       http://www.thebunker.net/
**  ApacheCon - Dec 10-14th - San Diego - http://apachecon.com/ **
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to