On 18/08/2015 23:06, jonetsu wrote:
OK. So this means that the SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS is not the
solution for the BEAST attack. Is there a solution while keeping TLS 1.0
and SSL v3.0 ?
Thanks.
The solution is NOT setting
SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS and hoping the other
end doesn't have whatever bug caused the OpenSSL team to
disable the workaround by default.
Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. http://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
_______________________________________________
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
