Hi Richard, Thanks for the reply, I did some research and found that there is an openssl patch which can get me this option, I tried it in my lab and it works also.
Here is the location of patch http://technotes.googlecode.com/git-history/3bea6d3d226c878577c0d520784e14f2c8efbe1c/openssl-1.0.0d-falsestart.patch There is an option also in s_client to do so, here is an example openssl s_client -connect 10.24.132.51:443 -cutthrough Ritesh -----Original Message----- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Richard Könning Sent: Friday, October 07, 2011 7:44 AM To: openssl-users@openssl.org Subject: Re: TLS false start support on Openssl Am 06.10.2011 23:28, schrieb Ritesh Rekhi: > > Does openssl support TLS false start > http://tools.ietf.org/html/draft-bmoeller-tls-falsestart-00 ? I cite the last section of this draft: > At the time of writing, the authors are not aware of any deployed TLS > implementation that is not False Start compatible (with one single > host still pending investigation). However, if an implementation > uses a strategy of receiving as many bytes as available from the > underlying transport during the handshake (expecting to find only > handshake messages), achieving False Start compatibility would likely > require special care. One of the authors being member of the OpenSSL team i think that he has investigated the OpenSSL case. > If Openssl supports TLS false start how can I use it with s_client ? When there is not already an appropriate option (i didn't check), you have to add corresponding code to s_client. Ciao, Richard ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
