On 12/9/08 10:30 AM, "Alan Altmark" <[EMAIL PROTECTED]> wrote:
> TcpSStatus contains the state information maintainted by the stack in > cooperation with the SSL server. I wanted to know if the state > information it returns it is sufficient to meet the needs of Mr. > Ackerman's programmers. If so, it can be used now, with some creative > programming to convert socket numbers to connection numbers. I'd also > entertain a requirement to add a C (IUCV) interface to obtain the > information. I guess my thought was that you have the ability to compare what this routine provides with the de facto standard SSL API used by the remainder of the industry and get a pretty good idea of whether it matches up with what they would expect from other platforms. The OpenSSL API docs are just the right size for a pizza dinner's reading...8-). Based on those criteria, no, I don't think it would be adequate in that it omits the endpoint identification piece I mentioned. It is probably adequate for the encryption state and strength pieces. I think you need to add the ability to at least retrieve a certificate tag for the site and an optional (but highly desirable) user certificate tag.