[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Problem with TLS 1.1 client connecting to TLS 1.0 server
From: |
Roland Dreier |
Subject: |
Re: Problem with TLS 1.1 client connecting to TLS 1.0 server |
Date: |
Wed, 26 Aug 2009 22:47:34 -0700 |
User-agent: |
Gnus/5.1008 (Gnus v5.10.8) XEmacs/21.4.21 (linux) |
> So it seems that _gnutls_gen_rsa_client_kx() should be using the
> active version here, but I'm not sure what the correct real fix within
> the gnutls design is. Can someone provide guidance on how to fix this?
Never mind ... after reading the TLS spec more closely, I see that the
client is correct in using the highest version it offered in the
premaster secret. This is a bug (and apparently a common bug -- it
appears in the ietf TLS interoperability draft) in the server, and I
will report it to the server people.
Sorry for the noise.
- Roland
--
Roland Dreier <address@hidden> GPG Key: 1024D/E0EEFAC0
Fingerprint: A89F B5E9 C185 F34D BD50 4009 37E2 25CC E0EE FAC0
Sending >500KB attachments is forbidden by the Geneva Convention.
Your country may be at risk if you fail to comply.