You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by Christopher Sean Hilton <ch...@vindaloo.com> on 2009/04/17 18:03:00 UTC

[users@httpd] How does Mod_ssl decide what to use: of SSL or TLS?

Does anyone know the mechanism that mod_ssl uses to chose the  
connection protocol? Assuming the client will accept SSLv3 as well as  
any TLS, How does mod_ssl make this decision? Or, is it up to openssl?  
I've read the mod_ssl code and it's not obvious to me. Do the TCP  
window size have anything to do with it?

-- Chris

-- 
Chris Hilton                                   chris-at-vindaloo-dot-com
------------------------------------------------------------------------
                "All I was doing was trying to get home from work!"
                                                 -- Rosa Parks


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] How does Mod_ssl decide what to use: of SSL or TLS?

Posted by Matus UHLAR - fantomas <uh...@fantomas.sk>.

On 17.04.09 12:03, Christopher Sean Hilton wrote:
> Does anyone know the mechanism that mod_ssl uses to chose the connection 
> protocol? Assuming the client will accept SSLv3 as well as any TLS, How 
> does mod_ssl make this decision? Or, is it up to openssl? I've read the 
> mod_ssl code and it's not obvious to me.

I think that server announces what protocols it supports and has allowed,
then client decides which to prefer. However I'm not SSL guru, search for
SSL and protocols description to see which will apply.

> Do the TCP window size have anything to do with it?

no
-- 
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety. -- Benjamin Franklin, 1759

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org