Hello there, I am a newbie on the list and really hope this is no FAQ, sorry if so. As I can see in the SSL-Specification, SSL uses a sequence number so you could detect replay attacks (replaied packets). There is nothing written about, if and how this number is actually used for this purpose. Does anybody uses this sequence number with OpenSSL to test for replay attacks? I am implementing a Mixsystem for anonyme communications (Chaum) using SSL and I really need something to prevent replay attacks not only between several sessions (this is done with help of the random numbers from the handshake protocol, as I understand) but in a session itself. Does SSL test the sequence number and discard repeted packets? Is there a function in OpenSSL I could use for this?? Thank you in advance and sorry for typos. There probably are many :-) Doris ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
