On Tue, Sep 08, 2009 at 03:45:35AM +0000, Damien Hull wrote:
> I did some quick searching on SSL & TLS. I can't find an RFC for SSL.
> I did find drafts for SSL but no actual RFC.
SSL was never really formally standardized. TLS is an attempt to
standardize it, along with adding extra features.
That being said, you can find specifications:
SSLv2: http://www.mozilla.org/projects/security/pki/nss/ssl/draft02.html
SSLv3: http://www.freesoft.org/CIE/Topics/ssl-draft/3-SPEC.HTM
Wikipedia covers most of the salient points, along with the history.
Beware of GnuTLS. From everything I've read and experienced, it's far
less robust than OpenSSL. Unfortunately, the Debian OpenLDAP package is
compiled to use GnuTLS instead of OpenSSL, and I had no end of problems
getting it working. I ended up having to rebuild the packages to use
OpenSSL.
-- Michael Fowler www.shoebox.net --------- To unsubscribe, send email to <aklug-request@aklug.org> with 'unsubscribe' in the message body.Received on Tue Sep 8 18:21:12 2009
This archive was generated by hypermail 2.1.8 : Tue Sep 08 2009 - 18:21:12 AKDT