Bodo Moeller wrote:
> While this is true, the SSLeay/OpenSSL behaviour makes sense in that
> the SSL 3 or TLS 1.0 methods accept just there specific protocols.
> When compatibility with SSL 2 client hello messages is desired (which,
> as you note, can be the case even if SSL 2 is not accepted), one has
> to use the ssl23 stuff -- one still can disable SSL 2 (or both SSL 2
> and SSL 3). For example, "openssl s_server -no_ssl2 -no_ssl3" forces
> the use of TLS, but accepts the SSL 2 client hello format (which
> "openssl s_server -tls1" does not).
I'll buy that. Thanks.
-Roland
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]