Eric Rescorla wrote: > Ben Laurie <[EMAIL PROTECTED]> writes: >>> And we need SSL v2 to die so it doesn't interfere >>> with the above. >> Actually, you just disable it in the server. I don't see why we need >> anything more than that. > > The problem is that the ServerHostName extension that signals > which host the client is trying to contact is only available > in the TLS ClientHello.
Sure, but if the server won't negotiate SSL 2, why is this a problem? -- http://www.apache-ssl.org/ben.html http://www.thebunker.net/ ** ApacheCon - Dec 10-14th - San Diego - http://apachecon.com/ ** "There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
