From owner-freebsd-security@FreeBSD.ORG Tue Aug 24 20:46:59 2010 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 57B5F10656AD for ; Tue, 24 Aug 2010 20:46:59 +0000 (UTC) (envelope-from delphij@delphij.net) Received: from tarsier.geekcn.org (tarsier.geekcn.org [IPv6:2001:470:a803::1]) by mx1.freebsd.org (Postfix) with ESMTP id 031798FC0C for ; Tue, 24 Aug 2010 20:46:59 +0000 (UTC) Received: from mail.geekcn.org (tarsier.geekcn.org [211.166.10.233]) by tarsier.geekcn.org (Postfix) with ESMTP id 86F74A67A73; Wed, 25 Aug 2010 04:46:57 +0800 (CST) X-Virus-Scanned: amavisd-new at geekcn.org Received: from tarsier.geekcn.org ([211.166.10.233]) by mail.geekcn.org (mail.geekcn.org [211.166.10.233]) (amavisd-new, port 10024) with LMTP id 0VmYwhohmueq; Wed, 25 Aug 2010 04:46:51 +0800 (CST) Received: from delta.delphij.net (drawbridge.ixsystems.com [206.40.55.65]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by tarsier.geekcn.org (Postfix) with ESMTPSA id 67AD9A67893; Wed, 25 Aug 2010 04:46:50 +0800 (CST) DomainKey-Signature: a=rsa-sha1; s=default; d=delphij.net; c=nofws; q=dns; h=message-id:date:from:reply-to:organization:user-agent: mime-version:to:subject:references:in-reply-to:x-enigmail-version:openpgp: content-type:content-transfer-encoding; b=VN6gJYfQ9tV++yEt4UldKpL6QpRYGFYHfTUeLlIoKMn1APSQmtLnv8dlExyfKeXRn dingUE241Sn1YmC2yhCGw== Message-ID: <4C742FB5.9030503@delphij.net> Date: Tue, 24 Aug 2010 13:46:45 -0700 From: Xin LI Organization: The Geek China Organization User-Agent: Mozilla/5.0 (X11; U; FreeBSD amd64; en-US; rv:1.9.1.11) Gecko/20100721 Thunderbird/3.0.6 ThunderBrowse/3.3.2 MIME-Version: 1.0 To: freebsd-security@freebsd.org References: <4C74242B.9090207@johnea.net> In-Reply-To: <4C74242B.9090207@johnea.net> X-Enigmail-Version: 1.0.1 OpenPGP: id=3FCA37C1; url=http://www.delphij.net/delphij.asc Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Subject: Re: implementing SNI X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: d@delphij.net List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 24 Aug 2010 20:46:59 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 2010/08/24 12:57, freebsd@johnea.net wrote: [...] > A simpler question that I've been unable to resolve: Does the openssl of > 8.1-RELEASE enable the TLS extensions, including SNI, by default? If I Yes. Cheers, - -- Xin LI http://www.delphij.net/ FreeBSD - The Power to Serve! Live free or die -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.16 (FreeBSD) iQEcBAEBCAAGBQJMdC+1AAoJEATO+BI/yjfB4j0IAIATQIxzpsMnTqF3mm+f5LTZ NXS8LE465KxzxH1ebbDEyGVNhe3w40PXipZArYlhKP+s4z0FXLyi6SZRcCf4/vpM AF3+VJL465twk9Grzeko9WyNk2NS5Q8XxagCR6FRkGeP4ogWVPrbBGc8PE3BzO2d 3jOs1XSv3pe99qVvC4nF5tSSMajWMZkrlZUFB/d3AsTSrcKlE2qqRN8w5xI/SNVP mXFQ36dazA/ecmB6EvNrg+CiLscDDrLIQsPkqqgZ6RZzPUr0Wg/suVn8SMucarvo D9HafQNfOGpQklvQjLmCNiQtmPh/eV/e9O5EJJ+I91dT6q9cB1ZVmAgSHkAJgvU= =ej/j -----END PGP SIGNATURE-----