Re: SSL -> TLS



Lassi Hippeläinen <lahippel.at.ieee.org@xxxxxxxxxxxx> wrote:
TLS 1.0 is something like SSL 3.1 with a new name. The new name was
given when SSL became a proposed Internet standard.
AFAIK it went the other way. TLS 1.0 is based on SSL 3.0, but is a little
different. Netscape decided to call it SSL 3.1.

From RFC 2246:

| 3. Goals of this document
| This document and the TLS protocol itself are based on the SSL 3.0
| Protocol Specification as published by Netscape. The differences
| between this protocol and SSL 3.0 are not dramatic, but they are
| significant enough that TLS 1.0 and SSL 3.0 do not interoperate
| (although TLS 1.0 does incorporate a mechanism by which a TLS
| implementation can back down to SSL 3.0).
| ...
| 6.2.1. Fragmentation
| ...
| version
| The version of the protocol being employed. This document
| describes TLS Version 1.0, which uses the version { 3, 1 }. The
| version value 3.1 is historical: TLS version 1.0 is a minor
| modification to the SSL 3.0 protocol, which bears the version
| value 3.0.

I don't now, if you're right or not ;-)

Yours,
VB.
--
Wenn Du "Ich sehe die Mathematik als einzigen Bereich an, wo es klare
Beweise gibt." und "Ich fuehle mich in einem Anzug unwohl." als Aussagen
mit aequivalentem Meinungsinhalt betrachtest, hast Du mit Deinem Gleichnis
recht. (Michail Bachmann zu Thomas Wallutis in d.a.s.r)
.