httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrew Wilson <and...@aaaaaaaa.demon.co.uk>
Subject SSL compatibility (fwd)
Date Tue, 09 Apr 1996 16:37:28 GMT
FYI.  Any comments?:

> From: John Hemming - CEO MarketNet <johnhemming@mkn.co.uk>
> Date: Mon, 08 Apr 1996 17:37:44 PM PDT
> To: www-security@ns2.rutgers.edu
> Message-Id: <1996-Apr08-173744.1>
> Mime-Version: 1.0
> X-Mailer: Internet WorkHorse 0.169b
> Content-Type: text/plain; charset=iso-8859-1
> Content-Transfer-Encoding: 8bit
> Subject: SSL compatibility
> Sender: owner-www-security@ns2.rutgers.edu
> Precedence: bulk
> Errors-To: owner-www-security@ns2.rutgers.edu
> Resent-Date: Mon, 8 Apr 1996 23:42:00 +0100
> Resent-To: andrew@aaaaaaaa.demon.co.uk
> 
> I have just noticed an interesting difference between the implementations
> of SSL servers by Netscape and myself and others.  Netscape and I
> when parseing the masterkey following the RSA mod mult calculations
> identify the masterkey by an offset of the resultant number.  This 
> should be preceeded by a hex 0x0.  Others look for the first 0x0 in the
> resultant number and identify the masterkey after that (or the chunk that
> is sent encrypted at least).
> 
> This did cause an error when my browser hit a server using the other
> scheme.  My browser worked with Netscape servers and my own
> server.  I have fixed the error and a modified version of the browser is now
> available at ftp://193.119.26.70/mktnet/pub/horse.zip
> 
> Anyone else implementing SSL links should be aware of this.

Mime
View raw message