----- Original Message ----- From: "Marek Marcola" <[EMAIL PROTECTED]> To: <openssl-users@openssl.org> Sent: Tuesday, August 22, 2006 3:41 PM Subject: Re: TLS1 support in openssl?
> Hello, > > how does openssl 0.9.8b support tls? I went through the code and it > > looks like tls is just like an alias for SSLv3. > > Can someone tell me where exactly TLS1 and SSLv3 differ? > In general they are very close, but main difference are: > - protocol version in messages (SSL3: 0300, TLS1: 0301) > - altert protocol messages ( SSL3: 12, TLS1: 23) > - message authentication mechanism > - key material generation mechanism > - "CertificateVerify" handshake packet calculation > - "Finished" handshake packet calculation Thank you for the quick reply. So, I guess SSLv3 and TLS are almost identicle as far as encryptions are concerned and TLS differs from SSLv3 in terms of handshake, authentication, key management. If this is correct, then now onwards what should be preffered methods used for SSL_CTX_new() ? Should it be SSLv3 or TLSv1? Any perticular or obvious resons for selecting one over the other? thanks, ~ Urjit DISCLAIMER ========== This e-mail may contain privileged and confidential information which is the property of Persistent Systems Pvt. Ltd. It is intended only for the use of the individual or entity to which it is addressed. If you are not the intended recipient, you are not authorized to read, retain, copy, print, distribute or use this message. If you have received this communication in error, please notify the sender and delete all copies of this message. Persistent Systems Pvt. Ltd. does not accept any liability for virus infected mails. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
