Andreas Sterbenz wrote: > For the Sun JSSE provider, the default enabled protocols are SSLv3, > TLSv1, and the pseudo protocol SSLv2Hello. The latter means that client > hello messages are sent/ accepted in SSLv2 format. This is for better > error diagnostic when talking to SSLv2 only implementations.
After revisiting Eric Rescorla's SSL and TLS, I come to the conclusion that for the client, starting with a SSLv2 ClientHello msg would also be useful to talk to a server that might be a version 2 server. At least in SSLv3 it was specified for the server to continue with a v3 handshake, if it was able to support the version number sent be the client (see page 135 of SSL and TLS). > The result is that with the default settings a V2 client hello message > requesting TLS 1.0 is sent. ...which is the most compatible way to speak to any unknown SSL/TLS server. Shouldn't OpenSSL answer this v2 ClientHello with SSL-version no. 3.1 by continuing with a TLS handshake? Or was this compatibility option left out in OpenSSL by purpose? RFC2246 ( http://www.ietf.org/rfc/rfc2246 ) states (Page 65): "TLS 1.0 clients that support SSL Version 2.0 servers must send SSL Version 2.0 client hello messages [SSL2]. TLS servers should accept either client hello format if they wish to support SSL 2.0 clients on the same connection port. The only deviations from the Version 2.0 specification are the ability to specify a version with a value of three and the support for more ciphering types in the CipherSpec. Warning: The ability to send Version 2.0 client hello messages will be phased out with all due haste. Implementors should make every effort to move forward as quickly as possible. Version 3.0 provides better mechanisms for moving to newer versions." Best Regards, David Maurus ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]