[Cryptography Team] Debugging SSL on Linux
Robert Withers
reefedjib at yahoo.com
Wed Mar 21 13:27:44 UTC 2007
That's great Norbert. Could you also test with:
ASN.27
SSL.111
X509.33
I fixed a bug and turned off a feature that were causing problems. I
have been unable to connect to your server in all cases.
thanks,
Robert
On Mar 21, 2007, at 1:23 AM, Norbert Hartl wrote:
> On Tue, 2007-03-20 at 15:25 -0700, Robert Withers wrote:
>> Hey Ron,
>>
>>
>> You are back on the SSL version. The latest is SSL.111. You are
>> missing all of the Certificate validation code that I put in and this
>> is why you are able to connect, since all of the problems in this
>> case
>> are with validation. Since you have the latest X509, you are
>> decoding
>> the CertificateExtensions, which would expose problems 2 and 3, but
>> you aren't encoding them for signature validation, per the above
>> reason, so you never have a problem.
>>
>>
>> Norbert, if you load SSL.109 it should work, while we get this issue
>> fixed. This is just missing a lot of security.
>>
>>
> Yes, with 109 I can connect to my server and retrieve a document.
>
> Thanks very much,
>
> Norbert
>
More information about the Cryptography
mailing list