"Ralf S. Engelschall" wrote:
>
> On Tue, Jul 04, 2000, Ben Laurie wrote:
>
> > > > > N.B. I can see some GID sites using my copy of 5.01 / 56 bit. Whether this
> > > > > is a server-side workaround or something else I don't know. Any clues?
> > > >
> > > > 56-bit IE5 works with apache_ssl but doesn't work with mod_ssl
> > >
> > > If this is the case then the IE5 bugs have to be related to the stricter
> > > handling of the SSL protocol by mod_ssl. For instance mod_ssl performes a more
> > > correct connection shutdown, etc. But then this is not mod_ssl's fault, it's
> > > IE5's fault, of course.
> >
> > I think that is leaping to conclusions. Besides, the stepup shouldn't
> > involve a shutdown.
>
> That's also what I would expect. But the shutdown handling is the only
> prominent difference between Apache-SSL and mod_ssl's protocol handling. So
> either the user used Apache-SSL with a different OpenSSL version (and so the
> difference is actually inside OpenSSL) or it has to be related to shutdown
> handling. At least from the descriptions of the users, it seems the trouble is
> more related to OpenSSL instead of Apache-SSL or mod_ssl. Hmm..
There seems to be a lot of variance in the reports, too, so I'm not
convinced there's actually any difference between Apache-SSL and mod_ssl
in this case.
But yes, it is an OpenSSL problem. I'm investigating.
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html
Coming to ApacheCon Europe 2000? http://apachecon.com/
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
