[openssl-users] SSL session resumption from different TLS version
Prabhat.Puroshottam at outlook.com
Mon Aug 1 04:39:45 UTC 2016
> IIRC the behaviour is different in the forthcoming OpenSSL 1.1.0. In
> that version the client does not fix its version to the session version.
> The client remains version flexible - if the server does not wish to use
> the same version as was in the session then they can still negotiate a
> different one and the session simply does not get used.
Thanks Matt, for that detailed and helpful reply.
Is it at all possible to merge these changes being done in OpenSSL 1.1.0
to older version of OpenSSL (as we build and ship our own version of
OpenSSL)? Or is the nature of changes very complex in nature?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the openssl-users