On Mon, Oct 09, 2000 at 10:21:56PM -0600, Peter Dennis Bartok wrote:
> In a server that supports TLS (e.g. a imap server), when the server receives
> the STARTTLS command, should the method that the SSL_CTX is created with be
> SSLv23_method() or TLSv1_method()? I was under the impression that it should
> be TLSv1_method(), thus the START>TLS< command, but I cannot find any
> documentation to proof it.
For backwards compatibility with SSL only clients, you should use
TLSv1_method. I think Paul agreed to add something to this effect
to the next draft for the successor of RFC 2487.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
