Nikos wrote: > Ok it seems that with the help of Hanno Wagner I managed to debug this issue. > These clients fail to understand TLS 1.0 record packets with a padding added. > This only occurs when using non stream ciphers (i.e. not arcfour) and does > not occur when using SSL 3.0 which does not allow such padding. So one point > is for users of these devices to report that as bug. > > However a fix in gnutls is not easy to do. If we disable the random padding > in > TLS 1.0 we do disable a nice feature of TLS that protects against statistical > attacks. Thus I'd be against such a fix.
Why doesn't this problem happen with OpenSSL? Does it MAC padding under some circumstances? Could GnuTLS do the same? /Simon -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
