On 18/06/2013 01:41, Joachim Schipper wrote:
From: James Yonan :
On 14/06/2013 02:47, Joachim Schipper wrote:
>From James Yonan :
TLS Protocol
Since day 1, OpenVPN has used TLS 1.0 as a control channel and key
exchange mechanism. But now we
On 17/06/2013 01:58, Steffan Karger wrote:
On 06/14/2013 09:53 PM, James Yonan wrote:
To get the adaptive versioning behavior in OpenSSL, you have to use
SSLv23_server_method() or SSLv23_client_method() and then explicitly
disable the versions you don't want to consider, i.e. SSL_OP_NO_SSLv2,
From: James Yonan :
> On 14/06/2013 02:47, Joachim Schipper wrote:
> >>From James Yonan :
> >> TLS Protocol
> >>
> >>
> >> Since day 1, OpenVPN has used TLS 1.0 as a control channel and key
> >> exchange mechanism. But now we have TLS 1.1 and
On 06/14/2013 09:53 PM, James Yonan wrote:
> To get the adaptive versioning behavior in OpenSSL, you have to use
> SSLv23_server_method() or SSLv23_client_method() and then explicitly
> disable the versions you don't want to consider, i.e. SSL_OP_NO_SSLv2,
> SSL_OP_NO_SSLv3, SSL_OP_NO_TLSv1,
>From James Yonan :
> TLS Protocol
>
>
> Since day 1, OpenVPN has used TLS 1.0 as a control channel and key
> exchange mechanism. But now we have TLS 1.1 and 1.2, each of which
> addresses significant shortcomings in its predecessor. Fortunately,
> SSL/TLS already
On 12/06/2013 15:08, Arne Schwabe wrote:
Am 12.06.13 21:38, schrieb James Yonan:
About finding out which cipher client and server use. I am not really
familiar with this code so forgive my stupid question. TLS somehow also
does this "select the best cipher to use" dance. Why can't we use the