Changes between Initial Version and Version 3 of Ticket #725


Ignore:
Timestamp:
09/02/16 09:45:29 (6 years ago)
Author:
David Sommerseth
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #725 – Description

    initial v3  
    1010If the server side is configured with --fips-mode, it should reject clients which do not support FIPS.  However a client does not need to explicit enable --fips-mode, it should switch to that automatically if the server signals FIPS mode being enabled.
    1111
    12 If the client is configured with --fips-mode, it enforces FIPS mode.  So if the client does not support FIPS, it shold close the connection.
     12If the client is configured with --fips-mode, it enforces FIPS mode.  So if the server does not support FIPS, the client should close the connection.
    1313
    1414The question is if the SSL libraries can be switched to FIPS mode after the initial connection handshake, and how to actually do this signalling