Dr Stephen Henson wrote:
>
> Any correctly written OpenSSL server containing an approved certificate
> supports the protocol. With some restrictions...
>
> SGC is only supported in OpenSSL 0.9.5 and later because SGC violates
> the SSL protocol and a work around was only added in that version. Step
> up is supported in earlier versions because it keeps to the SSL spec.
Thanks for the clarifications. A follow-up question - do you know of
any sources that document the SGC violations (or is it easy enough
to explain?). I'd be curious to know what the exact difference
between stepup and SGC is from a technical perspective...
Thomas
> --
> Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
> Personal Email: [EMAIL PROTECTED]
> Senior crypto engineer, Celo Communications: http://www.celocom.com/
> Core developer of the OpenSSL project: http://www.openssl.org/
> Business Email: [EMAIL PROTECTED] PGP key: via homepage.
>
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
--
------------------------------------------------------------
Thomas Reinke Tel: (905) 331-2260
Director of Technology Fax: (905) 331-2504
E-Soft Inc. http://www.e-softinc.com
Publishers of SecuritySpace http://www.securityspace.com
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
