[Haskell-cafe] Need urgent help with Network.tls
Vincent Hanquez
tab at snarc.org
Sat Feb 23 23:28:20 CET 2013
On 02/23/2013 09:05 PM, Brandon Allbery wrote:
> On Sat, Feb 23, 2013 at 1:58 PM, C K Kashyap <ckkashyap at gmail.com> wrote:
>
>> What I am really looking for is a small sample code that demonstrates how
>> TLS package can be used to connect to a webserver or imapserver.
>>
> TLS isn't actually SSL, despite SSL getting blessed as "TLS 0.9". Various
> attempts at TLS-enabled web protocols have foundered, so you won't find
> much code to speak TLS to web servers. (SSL is negotiated at socket connect
> time and involves no protocol commands.) In short, sample code that can do
> https would be completely useless for comparing to TLS-enabled code.
SSL and TLS can be negociated at socket connect. TLS is just the
standard name of SSL. at the wire level, TLS1.x is SSL 3.(1+x).
What you're refering to is the STARTTLS style protocol command which
work independently of the version of TLS (include SSL2, SSL3).
Many programs have abused "SSL" and "TLS" different name to
differentiate how TLS is negociated (straight away, or with a protocol
command). Fortunately more and more programs do the right thing and
differentiate the two types with the following two options: "SSL/TLS" or
"STARTTLS".
--
Vincent
More information about the Haskell-Cafe
mailing list