I asked Eric Rescorla, and he agreed the section of the TLS RFC was definitely unclear, but he wasn't totally sure which way it should go as far as stripping any leading 0s before using the shared secret to generate keys. It basically depends on what various implementations have decided to do.
-J On Wed, 4 Dec 2002, Richard Levitte via RT wrote: > > I haven't heard any news about this. I also mailed ietf-tls asking > about this, but had no response there either. That means there will > most probably be no fix in 0.9.6h. 0.9.7 still has a week... > > I think I'll change the miestone for this fix. > > [[EMAIL PROTECTED] - Thu Nov 14 19:05:29 2002]: > > > In message <[EMAIL PROTECTED]> on Thu, 14 Nov > > 2002 18:54:21 +0100 (MET), "Jack Lloyd via RT" <[EMAIL PROTECTED]> said: > > > > rt> Looks like the 1.1 TLS draft spec uses the same wording. Perhaps > > someone > > rt> should contact the TLS WG and ask for a clarification on this > > issue? [I'll > > rt> do it if nobody else is interested] > > > > Please do. > > > ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
