That's great Norbert. Could you also test with:
ASN.27 SSL.111 X509.33
I fixed a bug and turned off a feature that were causing problems. I have been unable to connect to your server in all cases.
thanks, Robert
On Mar 21, 2007, at 1:23 AM, Norbert Hartl wrote:
On Tue, 2007-03-20 at 15:25 -0700, Robert Withers wrote:
Hey Ron,
You are back on the SSL version. The latest is SSL.111. You are missing all of the Certificate validation code that I put in and this is why you are able to connect, since all of the problems in this case are with validation. Since you have the latest X509, you are decoding the CertificateExtensions, which would expose problems 2 and 3, but you aren't encoding them for signature validation, per the above reason, so you never have a problem.
Norbert, if you load SSL.109 it should work, while we get this issue fixed. This is just missing a lot of security.
Yes, with 109 I can connect to my server and retrieve a document.
Thanks very much,
Norbert
cryptography@lists.squeakfoundation.org