> > > PS. Whether this is considered to be a "bug" on OpenSSL's side, or > whether > > > OpenSSL is correct in sending an empty fragment and the peer's software > is > > > incorrect, is another topic. > > > > OpenSSL clearly behaves according to the SSL 3.0 and TLS 1.0 > > specifications. If the IBM SSL library does not tolerate the empty > > fragments, then this is a bug that should be fixed in that library. > > I have passed this on to the IBM SSL developers. Thank you all for your > responses. :)
This bug was reported to IBM in May 2002 Jeffrey Altman * Sr.Software Designer Kermit 95 2.0 GUI available now!!! The Kermit Project @ Columbia University SSH, Secure Telnet, Secure FTP, HTTP http://www.kermit-project.org/ Secured with MIT Kerberos, SRP, and [EMAIL PROTECTED] OpenSSL. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
