subject:"can TLS be used securely or it is flawed by design not allowing to use it securely \(was\: Re\: Re\-negotiation handshake failed\: Not accepted by client\!\?\)"

Re: can TLS be used securely or it is flawed by design not allowing to use it securely (was: Re: Re-negotiation handshake failed: Not accepted by client!?)

2010-01-12 Thread Kyle Hamilton

Responses inline, again. :) On Tue, Jan 12, 2010 at 2:53 AM, Steffen DETTMER wrote: > The main thing I still not understood is whether TLS by design > enforces the `bad behavior', meaning TLS cannot be used securely > at all by anyone, > - or - > if TLS just does not enforce to use is securely, m

can TLS be used securely or it is flawed by design not allowing to use it securely (was: Re: Re-negotiation handshake failed: Not accepted by client!?)

2010-01-12 Thread Steffen DETTMER

Hi, thank you for your detailed explanations. The main thing I still not understood is whether TLS by design enforces the `bad behavior', meaning TLS cannot be used securely at all by anyone, - or - if TLS just does not enforce to use is securely, meaning that TLS relies on application code imple