> We have some interop issue between TLS 1.0 and TLS 1.1. Our application is > based on OpenSSL 0.9.7 version (Linux - Operation system). This is Radvision > SIP stack and oSIP stack.
I don't quite understand. Does OpenSSL act as server or client? You must be referring to server... > It doesn't work with one of two possible scenarios: > 1) Client sends hello request to server where indicates that > the latest supported version it is TLS 1.1. Server accepts this request but > doesn't send back to client server hello request where should indicate the > latest supported version for him TLS 1.0. After that the connection is > dropped. (In correct behavior, server should send back to client server > hello request with TLS 1.0 and after that client should re-send hello > request but already using TLS 1.0). If we assume that OpenSSL acts as server, then I can't confirm this. I tried to send TSL 1.1 headers to 'openssl s_server' and it does not prevent it from responding with TLS 1.0 server hello. If we assume OpenSSL acts as client then it has to be modified version and then it's your responsibility... A. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [EMAIL PROTECTED]
