[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: GnuTLS, OpenSSL support for TLS1.1, 1.2
From: |
Vivek Dasmohapatra |
Subject: |
Re: GnuTLS, OpenSSL support for TLS1.1, 1.2 |
Date: |
Fri, 29 Jan 2010 13:14:31 +0000 (GMT) |
User-agent: |
Alpine 2.00 (DEB 1167 2008-08-23) |
I don't see anything beyond TLSv1.0 in /usr/include/openssl/tls1.h on my
system. If you have any more reliable information, please let us know.
I ran up against a buggy proprietary server which a user reported didn't
work with our GnuTLS backend but did with OpenSSL - turned out to be
because the server exploded in a messy fireball if it saw a minor version
of the protocol in the client hello that it didn't know about, instead of
responding with the highest protocol level it supported (analysed with
ssltap from libnss3 - is there an equivalent from GnuTLS, btw?): The
OpenSSL verssion worked because it only ever advertised TLS1.0, and I
couldn't find any reference to making it advertise a higher version of the
protocol. Not conclusive, but it does point to OpenSSL not implementing
TLS 1.1 or 1.2 (at least in any documented, on-by-default way).
- GnuTLS, OpenSSL support for TLS1.1, 1.2, Brandt Springman, 2010/01/28
- Re: GnuTLS, OpenSSL support for TLS1.1, 1.2, Simon Josefsson, 2010/01/29
- Re: GnuTLS, OpenSSL support for TLS1.1, 1.2,
Vivek Dasmohapatra <=
- Re: GnuTLS, OpenSSL support for TLS1.1, 1.2, Simon Josefsson, 2010/01/29
- Re: GnuTLS, OpenSSL support for TLS1.1, 1.2, Vivek Dasmohapatra, 2010/01/29
- Re: GnuTLS, OpenSSL support for TLS1.1, 1.2, Nikos Mavrogiannopoulos, 2010/01/29
- Re: GnuTLS, OpenSSL support for TLS1.1, 1.2, Steve Dispensa, 2010/01/29