Welcome! Log In Create A New Profile

Re: SSL: reject unsupported protocols "negotiated" during handshake

Forum List Message List New Topic Print View

Maxim Dounin

April 03, 2013 07:04AM

Hello!

On Tue, Apr 02, 2013 at 06:06:02PM -0700, Piotr Sikora wrote:

> Hey,
> OpenSSL doesn't do anything to verify that "negotiated" protocol
> was actually advertised to the client, so we have to do it ourselves.

Do we care? I think it's ok to assume HTTP by default, even if a
client sent something different from what we've advertised.

--
Maxim Dounin
http://nginx.org/en/donation.html

_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel

Reply Quote

RSS

Subject	Author	Views	Posted
SSL: reject unsupported protocols "negotiated" during handshake	Piotr Sikora	1135	April 02, 2013 09:08PM
Re: SSL: reject unsupported protocols "negotiated" during handshake	Maxim Dounin	445	April 03, 2013 07:04AM
Re: SSL: reject unsupported protocols "negotiated" during handshake	Piotr Sikora	477	April 03, 2013 06:18PM
Re: SSL: reject unsupported protocols "negotiated" during handshake	Maxim Dounin	787	April 04, 2013 10:42AM

Sorry, you do not have permission to post/reply in this forum.

Online Users

Guests: 162

Record Number of Users: 8 on April 13, 2023

Record Number of Guests: 421 on December 02, 2018