On Mon, Apr 15, 2002 at 11:23:49PM +0200, David Maurus wrote:
> Andreas Sterbenz wrote:
> 
> > For the Sun JSSE provider, the default enabled protocols are SSLv3,
> > TLSv1, and the pseudo protocol SSLv2Hello. The latter means that client
> > hello messages are sent/accepted in SSLv2 format. This is for better
> > error diagnostics when talking to SSLv2-only implementations.
> 
> After revisiting Eric Rescorla's SSL and TLS, I come to the conclusion that
> for the client, starting with an SSLv2 ClientHello msg would also be useful to
> talk to a server that might be a version 2 server. At least in SSLv3 it was
> specified for the server to continue with a v3 handshake, if it was able to
> support the version number sent by the client (see page 135 of SSL and TLS).
> 
> > The result is that with the default settings a V2 client hello message
> > requesting TLS 1.0 is sent.
> 
> ...which is the most compatible way to speak to any unknown SSL/TLS server.
> Shouldn't OpenSSL answer this v2 ClientHello with SSL-version no. 3.1 by
> continuing with a TLS handshake? Or was this compatibility option left out in
> OpenSSL by purpose?
> 
> RFC2246 ( http://www.ietf.org/rfc/rfc2246 ) states (Page 65):
> "TLS 1.0 clients that support SSL Version 2.0 servers must send SSL
>  Version 2.0 client hello messages [SSL2]. TLS servers should accept
>  either client hello format if they wish to support SSL 2.0 clients on
>  the same connection port. The only deviations from the Version 2.0
>  specification are the ability to specify a version with a value of
>  three and the support for more ciphering types in the CipherSpec.
> 
> Warning: The ability to send Version 2.0 client hello messages will be
> phased out with all due haste. Implementors should make every
> effort to move forward as quickly as possible. Version 3.0
> provides better mechanisms for moving to newer versions."

The option to support the SSLv2 client hello is part of the SSLv23_method().
The TLSv1_method() is pure TLSv1, no SSLv2 client hello.

Best regards,
        Lutz
-- 
Lutz Jaenicke                             [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
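What the "V2 client hello message requesting TLS 1.0" discussed above looks like on the wire, next to the V3-framed equivalent, with a recogniser that tells the two framings apart and a toy model of the SSLv23_method()/TLSv1_method() distinction from the reply. This is an added example, not code from the OpenSSL project, from JSSE, or from anyone in this thread. The wire layouts follow SSL 2.0 and RFC 2246 Appendix E; the cipher specs are a constructed selection, and `negotiate` with its `SERVER_VERSIONS` table is a hypothetical policy model, not OpenSSL's negotiation code.

```python
"""V2-format ClientHello requesting TLS 1.0, beside a V3-format one, and a
recogniser for both framings.  Added example, not OpenSSL or JSSE code.
Wire layouts follow SSL 2.0 and RFC 2246 Appendix E; the cipher specs and
sample bytes are constructed for illustration."""
import os
import struct

# RFC 2246 Appendix E: V2 hellos carry 3-byte cipher specs; a TLS suite is
# sent as 0x00 followed by its 2-byte suite id.  Selection is illustrative.
V2_CIPHER_SPECS = [
    bytes.fromhex("010080"),  # SSL_CK_RC4_128_WITH_MD5 (a genuine SSLv2 spec)
    bytes.fromhex("00000a"),  # 0x00 + TLS_RSA_WITH_3DES_EDE_CBC_SHA
    bytes.fromhex("000005"),  # 0x00 + TLS_RSA_WITH_RC4_128_SHA
]


def build_v2_client_hello(version=(3, 1), cipher_specs=None, challenge=None):
    """V2-framed CLIENT-HELLO asking for `version` (3.1 = TLS 1.0 by default)."""
    specs = b"".join(V2_CIPHER_SPECS if cipher_specs is None else cipher_specs)
    challenge = os.urandom(16) if challenge is None else challenge
    if not 16 <= len(challenge) <= 32:
        raise ValueError("SSL 2.0 challenge must be 16..32 bytes")
    body = (bytes([1])                           # MSG-CLIENT-HELLO
            + bytes(version)                     # CLIENT-VERSION (major, minor)
            + struct.pack("!HHH", len(specs), 0, len(challenge))
            + specs + challenge)                 # no session id: new session
    if len(body) > 0x7FFF:
        raise ValueError("too long for a 2-byte V2 record header")
    # 2-byte V2 header: high bit set means "no padding", 15-bit length follows.
    return struct.pack("!H", 0x8000 | len(body)) + body


def build_v3_client_hello(version=(3, 1), suites=(b"\x00\x0a", b"\x00\x05"),
                          random_bytes=None):
    """Equivalent SSLv3/TLS-framed ClientHello for comparison."""
    random_bytes = os.urandom(32) if random_bytes is None else random_bytes
    cs = b"".join(suites)
    body = (bytes(version) + random_bytes + b"\x00"           # empty session id
            + struct.pack("!H", len(cs)) + cs + b"\x01\x00")  # null compression
    hs = b"\x01" + len(body).to_bytes(3, "big") + body        # handshake: client_hello
    return b"\x16" + bytes(version) + struct.pack("!H", len(hs)) + hs


def classify_client_hello(data):
    """Return (framing, client_version, cipher specs) for either hello format."""
    if len(data) >= 5 and data[0] == 0x16 and data[1] == 3:
        hs = data[5:5 + struct.unpack("!H", data[3:5])[0]]
        if len(hs) < 41 or hs[0] != 1:
            raise ValueError("not a V3-format ClientHello")
        off = 39 + hs[38]                        # skip version, random, session id
        cs_len = struct.unpack("!H", hs[off:off + 2])[0]
        suites = hs[off + 2:off + 2 + cs_len]
        if len(suites) != cs_len or cs_len % 2:
            raise ValueError("V3 cipher_suites length inconsistent")
        return "v3", (hs[4], hs[5]), [suites[i:i + 2] for i in range(0, cs_len, 2)]
    if len(data) >= 2 and data[0] & 0x80:
        body = data[2:2 + (((data[0] & 0x7F) << 8) | data[1])]
        if len(body) < 9 or body[0] != 1:
            raise ValueError("not a V2-format ClientHello")
        cs_len, sid_len, ch_len = struct.unpack("!HHH", body[3:9])
        if len(body) != 9 + cs_len + sid_len + ch_len or cs_len % 3:
            raise ValueError("V2 ClientHello length fields inconsistent")
        return "v2", (body[1], body[2]), [body[9 + i:9 + i + 3] for i in range(0, cs_len, 3)]
    raise ValueError("unrecognised ClientHello framing")


# Hypothetical policy model of the two OpenSSL methods named in the reply,
# not OpenSSL's own negotiation code.
SERVER_VERSIONS = {"TLSv1_method": {(3, 1)}, "SSLv23_method": {(2, 0), (3, 0), (3, 1)}}


def negotiate(hello, method):
    """Version a server built with `method` would pick, or None if it rejects the hello."""
    framing, client_version, _ = classify_client_hello(hello)
    if method == "TLSv1_method" and framing != "v3":
        return None                              # pure TLSv1: no V2 client hello
    candidates = [v for v in SERVER_VERSIONS[method] if v <= client_version]
    return max(candidates) if candidates else None


if __name__ == "__main__":
    v2 = build_v2_client_hello()
    print("V2 hello:", v2.hex(), classify_client_hello(v2)[:2])
    for method in SERVER_VERSIONS:
        print(method, "->", negotiate(v2, method), "/",
              negotiate(build_v3_client_hello(), method))
```

Running it shows the point of the thread in one line: the same V2-framed hello that carries version 3.1 is answered with TLS 1.0 by the SSLv23_method model and rejected outright by the TLSv1_method model, while the V3-framed hello is accepted by both. The recogniser keys on the first byte (0x16 handshake record versus a V2 header with the high bit set), which is also how a server that accepts both formats on one port has to tell them apart.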
