On Sun, Jun 16, 2002 at 12:48:42PM -0400, Michael Chang wrote:
> I'm wondering if it's possible to "engage" SSL *after* normal, non-SSL
> transmission has occurred. I have a server that I'm developing, and I'd
> like it to be flexible in terms of allowing clients to choose whether or
> not to encrypt the session data. When the client first connects, it
> sends to the server, in the clear, a kind-of application-level handshaking
> string, whereby it tells the server whether or not it wants to use
> SSL --- already, data has been transmitted over regular, non-SSL-filtered
> sockets.
>
> Is it possible to "engage" SSL after data has already been transmitted?

Yes. This is the normal case for several protocols now, e.g. the STARTTLS
extension for SMTP RFC2487. By looking around for applications supporting
this protocol, you will find examples on how to implement it.
Shameless plug: I am the author of the Postfix/TLS package implementing
STARTTLS for the Postfix MTA :-)

Best regards,
	Lutz
-- 
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
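
The upgrade discussed in this thread, as an added example that is not part of the original messages or of Postfix/TLS: a server reads a clear-text request and then runs the TLS handshake on the same, already-used socket, written with Ruby's standard openssl binding. The STARTTLS/OK/NO strings, the demo.invalid name and the throwaway certificate are assumptions constructed for the example.

```ruby
require "socket"
require "openssl"
# Throwaway key and self-signed certificate, constructed for this example only.
KEY = OpenSSL::PKey::RSA.new(2048)
CERT = OpenSSL::X509::Certificate.new.tap do |c|
  c.version, c.serial = 2, 1
  c.subject = c.issuer = OpenSSL::X509::Name.parse("/CN=demo.invalid")
  c.public_key = KEY.public_key
  c.not_before, c.not_after = Time.now - 3600, Time.now + 3600
  c.sign(KEY, OpenSSL::Digest.new("SHA256"))
end

# Server: read the clear-text request, then run the TLS handshake on the same socket.
def serve(sock, ctx)
  # Exact match: bytes pipelined behind the command are refused, not carried into TLS.
  return sock.write("NO\n") unless sock.readpartial(64) == "STARTTLS\n"
  sock.write("OK\n") # last clear-text bytes the server sends
  ssl = OpenSSL::SSL::SSLSocket.new(sock, ctx).accept # handshake on the used socket
  ssl.puts("secure hello")
  ssl.close # flushes and sends close_notify
ensure
  sock.close
end

# Client: clear-text request, wait for OK, then upgrade and verify the certificate.
def client(port, cmd, store)
  sock = TCPSocket.new("127.0.0.1", port)
  sock.write(cmd)
  return :refused unless sock.read(3) == "OK\n" # exact read: no TLS bytes eaten as text
  ctx = OpenSSL::SSL::SSLContext.new
  ctx.set_params(cert_store: store) # VERIFY_PEER plus hostname checking
  ssl = OpenSSL::SSL::SSLSocket.new(sock, ctx)
  ssl.hostname = "demo.invalid"
  ssl.connect
  [ssl.gets, ssl.ssl_version]
ensure
  sock&.close
end

# Runs both sides over loopback and returns what the client saw.
def demo(cmd)
  sctx = OpenSSL::SSL::SSLContext.new
  sctx.cert, sctx.key = CERT, KEY
  listener = TCPServer.new("127.0.0.1", 0)
  server = Thread.new { serve(listener.accept, sctx) }
  client(listener.addr[1], cmd, OpenSSL::X509::Store.new.add_cert(CERT))
ensure
  server&.join(2)
  listener&.close
end
```

Calling `demo("STARTTLS\n")` returns the line received over TLS together with the negotiated protocol version; any other request returns `:refused`.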