Oh.. man, I always answer my own questions. What's happening here is
that the rollback protection afforded for version 2 -> 3 in the
client-key-exchange message, is also hurting me when I'm trying to make
a TLS connection an SSL3 connection.. which means I have to either
maintain two separate master secrets, or just implement TLS. Damn.
Anyone want to please tell me I'm wrong and its something simpler and I
don't have to implement a whole other protocol?
- Peter
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]