RE: Newbie question - Diff Between SSL3.0 and TLS1.0

Fri, 04 Aug 2000 08:35:16 -0700 

Frederic,
For your latter question, look at the following book "SSL and TLS
Essentials: Securing the Web" by Stephen Thomas (c) 2000, published by
Wiley. He does an excellent job covering the details of the SSL protocol and
gives the specific differences between SSL 3.0 and TLS 1.0. In a nut shell
they are:
    - new version number (i.e. 3.1)
    - some new alter messages
    - use of HMAC for message authentication
    - a new PRNG for generating key material based on HMAC
    - a change to the CertificateVerify and Finished messages
    -  some change to cipher suites supported (i.e. remove Fortezza)
 
I am quoting from Thomas' book (which I read on the plan yesterday ; ) - I
have not done the specific comparisons on the standards myself. If this
information is in error or incomplete, someone please correct me.
Thanks,
Dave Wheeler

-----Original Message-----
From: Frederic Rudman [mailto:[EMAIL PROTECTED]]
Sent: Friday, August 04, 2000 8:22 AM
To: [EMAIL PROTECTED]
Subject: Newbie question



This is a newbie question.
 
Sorry in advance if this is the wrong place to send this message (and if I'm
in the wrong place, just let me know: I won't send emails here again).
 
I'm considering porting the ssl code (client-side only) onto an embedded
device (a.k.a. Internet appliance) to allow it to perform secure
communications with an SSL-compliant server.
 
Questions:
0) Has this already been done? (if so, by whom/contact info, for what env.)
1) Is there a group that focuses on such issues (e.g. porting the code,
embedded devices, non-wintel/non-unix envs)
2) What's the approximate footprint of the compiled client side of SSL
(ballpark, on any given platform)
3) Where can I find a list of the hardware/os-related modules required for a
successful port of the code (e.g. malloc, free, ...) for all functions not
included as part of the source.
 
BTW: what's the diff. bet SSL v3.0 and TSL1.0?
 
Thanks.
-----------------------------------------------------------
Frederic Rudman
[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> 
Chatham Software Corp.
(518) 392-8730


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to