Salz, Rich wrote:
The common practice is for clients to connect in the clear, then issue a command to turn
on TLS, such as the SMTP STARTTLS command.
It is only common practice for a small number of well known protocols.
This doesn't mean it is the best solution.
If you have a bespoke
El día Saturday, November 16, 2013 a las 08:36:33PM -0500, Dave Thompson
escribió:
I was thinking more in a solution where the client reads the first 8
bytes from the socket and checks if the beginning of the GoodMorning
message is there in clear text (like 220 SLNP) and if not
it should
From: owner-openssl-users On Behalf Of Matthias Apitz
Sent: Friday, November 15, 2013 14:43
El día Friday, November 15, 2013 a las 12:58:40PM -0500, Watson, Patrick
escribió:
Traditionally, there are 2 methods that immediately come to mind. One
way is to have the SSL version of the
Hello,
We have application servers, written in C, which can be configured to do
SSL or not. In any case they send out a goodmorning message, ciphered
with SSL or in clear text if they run configured in clear text.
What would be the best method for a C-written client to figure out if
the server
Traditionally, there are 2 methods that immediately come to mind. One way is to
have the SSL version of the server listen on a different port than the plain
text version. Alternatively, your protocol could include a STARTTLS like
command that indicates that the system wants to communicate
The common practice is for clients to connect in the clear, then issue a
command to turn on TLS, such as the SMTP STARTTLS command.
--
Principal Security Engineer
Akamai Technology
Cambridge, MA
__
OpenSSL Project
El día Friday, November 15, 2013 a las 12:58:40PM -0500, Watson, Patrick
escribió:
Traditionally, there are 2 methods that immediately come to mind. One way is
to have the SSL version of the server listen on a different port than the
plain text version. Alternatively, your protocol could
I was thinking more in a solution where the client reads the first 8 bytes
from the socket and checks if the beginning of the GoodMorning message is
there in clear text (like 220 SLNP) and if not it should handover this
buffer and the socket fd for further SSL handshake... Is this