Thanks Richard..but I was thinking only SSL RECORDS with Record Type "APP DATA" Contain application data!!! If I can ensure that only complete SSL Records of Type Handshake, Change cipher spec, and Alerts are given to OpenSSL, it can process it rite? This way how can openssl know that app data records have been removed..? Hope I am making sense here..
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Richard Salz Sent: Friday, July 21, 2006 5:41 PM To: openssl-users@openssl.org Subject: RE: Query On SSL Processing > Ok, what I meant is I will be removing the SSL record along with the > app data!! > So this should be fine right? Then SSL will notice that records have been removed. Since records can contain application data, and SSL guarantees the integrity of the application bytestream, *ANY* attempt by an intermediary to prevent the recipient from getting all the original bytes that are sent will be noticed. Any SSL implementation that does not do this is fundamentally flawed. You'll have to hack the source. /r$ -- SOA Appliances Application Integration Middleware ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
