Re: [TLS] OE + TLS support

Martin Rex <martin.rex@sap.com> Wed, 14 February 2007 16:47 UTC

To: mike-list@pobox.com
Date: Wed, 14 Feb 2007 17:44:10 +0100
Cc: tls@lists.ietf.org

Mike wrote:
> 
> > One government body I know has this set to the default (for their OS) of 
> > SSL2 Yes
> > SSL3 Yes
> > TLS1 No
> > and can I get them to change it????? 
> 
> Well if you try to connect to www.americanexpress.com using TLS 1.0,
> it chokes, but SSLv3 works.  If they can be stuck in the past, there
> are probably lots of others.

On what in particular do they choke?
Choking if you send them a correct SSL Hello (3.0 record protocol version,
3.1 client version) would be a problem; aborting if you do not agree
to a server-asserted/chosen SSL v3.0 protocol should be OK.

-Martin
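
The distinction drawn in the message above, as an added example that is not part of the original post: a ClientHello carrying record version 3.0 and client_version 3.1, and a check that separates a server that chokes on it from a client that declines the server's choice of SSL v3.0. The function names, result labels and sample bytes are constructed for illustration.

```python
import struct

HANDSHAKE, ALERT = 22, 21            # record content types
CLIENT_HELLO, SERVER_HELLO = 1, 2    # handshake message types
NAMES = {(3, 0): "SSLv3", (3, 1): "TLS 1.0"}

def build_hello(msg_type, record_ver, hello_ver):
    """Constructed sample hello (zeroed random, empty session id, one 3DES suite)."""
    body = bytes(hello_ver) + bytes(32) + b"\x00"
    if msg_type == CLIENT_HELLO:
        body += b"\x00\x02\x00\x0a" + b"\x01\x00"   # suite list, compression list
    else:
        body += b"\x00\x0a" + b"\x00"               # chosen suite, chosen compression
    hs = bytes([msg_type]) + len(body).to_bytes(3, "big") + body
    return bytes([HANDSHAKE, *record_ver]) + struct.pack("!H", len(hs)) + hs

def parse_hello(record):
    """Return (content_type, record_version, msg_type, hello_version)."""
    if len(record) < 5:
        raise ValueError("short record header")
    ctype, rmaj, rmin, rlen = struct.unpack("!BBBH", record[:5])
    frag = record[5:5 + rlen]
    if len(frag) != rlen:
        raise ValueError("truncated record")
    if ctype != HANDSHAKE or len(frag) < 6:
        return ctype, (rmaj, rmin), None, None
    # hello version sits right after the 4-byte handshake header
    return ctype, (rmaj, rmin), frag[0], (frag[4], frag[5])

def classify_reply(offered, client_min, reply):
    """Say who ended the handshake, given the bytes the server sent back."""
    if not reply:
        return "server-intolerant"    # a valid hello got no answer: the server's problem
    ctype, _, msg_type, chosen = parse_hello(reply)
    if ctype == ALERT:
        return "server-alert"         # server refused explicitly
    if msg_type != SERVER_HELLO or chosen > offered:
        return "protocol-violation"   # server may only pick a version <= the one offered
    if chosen < client_min:
        return "client-abort"         # server behaved; the client declines its choice
    return "negotiated " + NAMES.get(chosen, "%d.%d" % chosen)

if __name__ == "__main__":
    hello = build_hello(CLIENT_HELLO, (3, 0), (3, 1))
    print(parse_hello(hello))
    v3_reply = build_hello(SERVER_HELLO, (3, 0), (3, 0))
    for floor in ((3, 0), (3, 1)):
        print(NAMES[floor], "minimum ->", classify_reply((3, 1), floor, v3_reply))
    print("no reply ->", classify_reply((3, 1), (3, 0), b""))
```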
