Re: [openssl-dev] Known apps supporting tls max frag size extn

2017-12-04 Thread Hubert Kario 
On Monday, 4 December 2017 13:43:32 CET Jitendra Lulla via openssl-dev wrote:
> Thanks Joey.
> 
> And I found the url for listing a server's tls extensions here:
> 
> http://possible.lv/tools/hb/?domain=yahoo.com
> 
> Do you know how we can enable/test the extensions using firefox or any other
> browser?

Can't speak for other browsers, but for Firefox it is not possible - the 
underlying library - NSS - does not expose API that allows addition of 
arbitrary extensions.

in general, tests like these are usually performed either using modified 
libraries or by using completely custom implementations of TLS

> 
> On Mon, 12/4/17, Joey Yandle  wrote:
> 
>  Subject: Re: [openssl-dev] Known apps supporting tls max frag size extn
>  To: "Jitendra Lulla" , openssl-dev@openssl.org
>  Date: Monday, December 4, 2017, 5:13 AM
> 
>  > Also, I have lost the url of a website
> 
>  which used to analyze any given server ( eg www.yahoo.com)
>  for its supporting various tls extensions. You provide the
>  server url and it will display all the tls extns supported
>  by that server.  If you know of any such url, could you
>  please help me with that also.
> 
> 
> 
>  openssl s_client has an
>  argument -tlsextdebug:
> 
>  $
>  openssl s_client -connect www.yahoo.com:443 -tlsextdebug
>  CONNECTED(0003)
>  TLS server
>  extension "renegotiation info" (id=65281),
>  len=1
>  0001 - 
>  TLS server extension "EC point
>  formats" (id=11), len=4
>   - 03 00 01
>  02 
>  
>  TLS server extension "session
>  ticket" (id=35), len=0
>  TLS server
>  extension "heartbeat" (id=15), len=1


-- 
Regards,
Hubert Kario
Senior Quality Engineer, QE BaseOS Security team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 115, 612 00  Brno, Czech Republic

signature.asc
Description: This is a digitally signed message part.
-- 
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] Known apps supporting tls max frag size extn

2017-12-04 Thread Jitendra Lulla via openssl-dev 

Thanks Joey.

And I found the url for listing a server's tls extensions here:

http://possible.lv/tools/hb/?domain=yahoo.com

Do you know how we can enable/test the extensions using firefox or any other 
browser?


On Mon, 12/4/17, Joey Yandle  wrote:

 Subject: Re: [openssl-dev] Known apps supporting tls max frag size extn
 To: "Jitendra Lulla" , openssl-dev@openssl.org
 Date: Monday, December 4, 2017, 5:13 AM
 
 > Also, I have lost the url of a website
 which used to analyze any given server ( eg www.yahoo.com)
 for its supporting various tls extensions. You provide the
 server url and it will display all the tls extns supported
 by that server.  If you know of any such url, could you
 please help me with that also.
 >
 
 
 openssl s_client has an
 argument -tlsextdebug:
 
 $
 openssl s_client -connect www.yahoo.com:443 -tlsextdebug
 CONNECTED(0003)
 TLS server
 extension "renegotiation info" (id=65281),
 len=1
 0001 - 
 TLS server extension "EC point
 formats" (id=11), len=4
  - 03 00 01
 02                                      
 
 TLS server extension "session
 ticket" (id=35), len=0
 TLS server
 extension "heartbeat" (id=15), len=1
 
 
-- 
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev