The change introduced in OpenSSL 0.9.6d to prevent attacks on CBC
ciphers with known IVs seems to break compatibility.
Several discussions on the list and discussions I had in private email
indicate, that compatibility problems arise from this change. It should
be discussed, whether there is another way to circumvent the problem
(probably not), whether the problem is that dangerous that the
compatibility problems are acceptable with respect to the risk, or
whether the change should be reverted until an "official" solution in
the TLS specification is made.
This problem also applies to the 0.9.7 and later versions.
Best regards,
Lutz
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
