> To improve interoperability, I would recommend to not add any TLS > extensions when speaking SSLv3 - as implemented by the attached patch > (against HEAD, but also applies cleanly to openssl_0_9_8-stable).
Given that TLS extensions are enabled by default as of 0.9.8j, the importance of this patch (http://rt.openssl.org/Ticket/Attachment/18486/7851/openssl-sslv3-no-tlsext.patch) has slightly increased in the meantime, IMO. Can it be considered for both 0.9.8 and the upcoming 1.0.0? ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
