David Woodhouse wrote: > On Mon, 2008-10-13 at 09:01 +0200, Lutz Jaenicke via RT wrote: > >> Note: I have reverted the DTLS1_BAD_VER part as DTLS1_BAD_VER handling >> is not present in HEAD (0.9.9). >> > > That makes sense. > > I assume that DTLS1_BAD_VER handling wasn't added to HEAD because the > pre-RFC version of DTLS was considered to be an OpenSSL-specific thing > that would quickly die out as people upgraded to 0.9.8f and beyond? > > Now we've observed that there are servers in the wild which implement > that old OpenSSL-specific version of the protocol, but which we'd like > to be compatible with. If I can actually get that working in HEAD, would > a patch to support it be acceptable? > I had a deeper look into the mailing list archive and I did not find any explicit statement on why this was handed differently in 0.9.8 and in HEAD. Finally we would of course prefer to move people to update to an RFC compliant version, so I guess the pre-RFC support should be configurable somehow. Andy, what do you think?
Best regards, Lutz ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]