On Tue, Oct 17, 2000 at 11:08:25AM +0200, Bodo Moeller wrote:
> On Mon, Oct 09, 2000 at 10:21:56PM -0600, Peter Dennis Bartok wrote:
>
> > In a server that supports TLS (e.g. an imap server), when the server receives
> > the STARTTLS command, should the method that the SSL_CTX is created with be
> > SSLv23_method() or TLSv1_method()? I was under the impression that it should
> > be TLSv1_method(), thus the START>TLS< command, but I cannot find any
> > documentation to prove it.
>
> For backwards compatibility with SSL only clients, you should use
> TLSv1_method. I think Paul agreed to add something to this effect
> to the next draft for the successor of RFC 2487.
Did I get you right???
The new draft says:
Servers MUST be able to understand backwards compatible SSL Client
Hello messages (provided that client_version is TLS 1.0 or later),
and clients MAY use backwards compatible Client Hello messages.
Neither clients nor servers are required to actually offer Client
Hello messages for anything other than TLS 1.0.
This actually only enforces TLS 1.0 (or later) support.
A server that only uses TLSv1_method() will not be able to handle any
client with SSLv2 (v3?) client hello messages. I don't know which client
actually supports STARTTLS for imap, but if it sends a (compatible)
SSLv2 hello message, the connection with this server will fail.
As for RFC2487 (STARTTLS for SMTP), it is implemented e.g. in Netscape,
which only understands SSLv2 and v3 and without special setup, it will
send a SSLv2 client hello. A TLSv1_method() server would not be able to
process this request.
Provided that all servers supporting STARTTLS understand TLSv1, the most
compatible _and_ conformant way of doing things should be:
Server: SSLv23_method() (will accept everything)
Client: TLSv1_method() (will send out TLSv1 protocol).
To my knowledge, at least the CommunigatePro SMTP server violates this rule,
so that the Client would fail. So my recommendation would be SSLv23_method()
for the client, too.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
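The point of the thread is that an SSLv2-compatible Client Hello is framed differently from an SSLv3/TLS record-layer Client Hello, even when it announces client_version = TLS 1.0, and a server that only speaks the SSLv3/TLS record format will not parse it. The following is an added example, not code from the original message or from OpenSSL: a small C classifier that tells the two framings apart, extracts client_version from each, and models the accept/reject behaviour described above for a TLSv1_method()-style server versus an SSLv23_method()-style server. Both sample hellos are constructed inline (the Random, challenge, and cipher values are placeholders), and the two accept functions are an assumed model of the behaviour Lutz describes, not OpenSSL's own dispatch logic.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Which wire framing a Client Hello used. */
typedef enum {
    HELLO_UNKNOWN = 0,      /* truncated or not a Client Hello at all */
    HELLO_SSLV2_FORMAT,     /* SSLv2-compatible framing (RFC 2246 App. E) */
    HELLO_RECORD_FORMAT     /* SSLv3/TLS record layer + handshake header */
} hello_format;

typedef struct {
    hello_format format;
    uint16_t client_version;   /* 0x0300 = SSLv3, 0x0301 = TLS 1.0 */
} hello_info;

/* Constructed sample: SSLv2-compatible Client Hello announcing TLS 1.0. */
static const uint8_t SSLV2_COMPAT_HELLO[] = {
    0x80, 0x1c,             /* 2-byte SSLv2 header, msb set, length 28 */
    0x01,                   /* msg_type = CLIENT-HELLO */
    0x03, 0x01,             /* client_version = TLS 1.0 */
    0x00, 0x03,             /* cipher_spec_length = 3 (one 3-byte spec) */
    0x00, 0x00,             /* session_id_length = 0 */
    0x00, 0x10,             /* challenge_length = 16 */
    0x00, 0x00, 0x0a,       /* one cipher spec (placeholder value) */
    0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11,   /* 16-byte challenge */
    0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11    /* (constructed) */
};

/* Constructed sample: SSLv3/TLS record-format Client Hello for TLS 1.0. */
static const uint8_t TLS10_RECORD_HELLO[] = {
    0x16, 0x03, 0x01, 0x00, 0x2d,    /* record: handshake, v3.1, 45 bytes */
    0x01, 0x00, 0x00, 0x29,          /* handshake: client_hello, 41 bytes */
    0x03, 0x01,                      /* client_version = TLS 1.0 */
    0x42, 0x42, 0x42, 0x42, 0x42, 0x42, 0x42, 0x42,   /* 32-byte Random */
    0x42, 0x42, 0x42, 0x42, 0x42, 0x42, 0x42, 0x42,   /* (constructed) */
    0x42, 0x42, 0x42, 0x42, 0x42, 0x42, 0x42, 0x42,
    0x42, 0x42, 0x42, 0x42, 0x42, 0x42, 0x42, 0x42,
    0x00,                            /* session_id length = 0 */
    0x00, 0x02, 0x00, 0x0a,          /* one cipher suite (placeholder) */
    0x01, 0x00                       /* compression_methods: null only */
};

/* Classify the first bytes a server reads after STARTTLS. */
hello_info classify_client_hello(const uint8_t *buf, size_t len)
{
    hello_info h = { HELLO_UNKNOWN, 0 };
    if (len < 11)
        return h;

    if (buf[0] & 0x80) {
        /* SSLv2 2-byte header: 15-bit length, then msg_type, version. */
        size_t rec_len = (size_t)((buf[0] & 0x7f) << 8) | buf[1];
        if (rec_len < 9 || 2 + rec_len > len || buf[2] != 0x01)
            return h;
        h.format = HELLO_SSLV2_FORMAT;
        h.client_version = (uint16_t)((buf[3] << 8) | buf[4]);
        return h;
    }

    if (buf[0] == 0x16 && buf[1] == 0x03) {
        /* Record layer: type, version, length; then handshake header. */
        size_t rec_len = (size_t)(buf[3] << 8) | buf[4];
        if (rec_len < 6 || 5 + rec_len > len || buf[5] != 0x01)
            return h;
        h.format = HELLO_RECORD_FORMAT;
        h.client_version = (uint16_t)((buf[9] << 8) | buf[10]);
        return h;
    }
    return h;
}

/* Model of a TLSv1_method()-only server: record framing, TLS 1.0+ only. */
int tls1_only_server_accepts(const uint8_t *buf, size_t len)
{
    hello_info h = classify_client_hello(buf, len);
    return h.format == HELLO_RECORD_FORMAT && h.client_version >= 0x0301;
}

/* Model of an SSLv23_method() server: any recognisable hello framing. */
int sslv23_server_accepts(const uint8_t *buf, size_t len)
{
    return classify_client_hello(buf, len).format != HELLO_UNKNOWN;
}

static void report(const char *name, const uint8_t *buf, size_t len)
{
    hello_info h = classify_client_hello(buf, len);
    printf("%s: format=%d client_version=0x%04x tls1_only=%d sslv23=%d\n",
           name, (int)h.format, h.client_version,
           tls1_only_server_accepts(buf, len), sslv23_server_accepts(buf, len));
}

int main(void)
{
    report("SSLv2-compatible hello", SSLV2_COMPAT_HELLO, sizeof SSLV2_COMPAT_HELLO);
    report("TLS 1.0 record hello  ", TLS10_RECORD_HELLO, sizeof TLS10_RECORD_HELLO);
    return 0;
}
```

Running it shows both hellos carry client_version 0x0301, yet only the record-format one passes the TLSv1-only model; that is exactly the failure mode a TLSv1_method() server hits with an SSLv2-compatible client, and why the server side is better off with SSLv23_method().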