Hear us Roar
| Weblog: |
|
Google Talk and iChat SSL Error - 9843
|
| Subject: |
|
Fails in Fire, too. |
| Date: |
|
2005-09-17 20:16:35 |
| From: |
|
knapjack
|
|
|
|
I occasionally use the Fire multinetwork client (think GAIM for OSX) and thought, heck, might as well give it a whirl, and it outright crashes when trying to connect to Google Talk (ouch).
Some packet sniffing with Ethereal and it seems like iChat never gets past the SSL negotiation. You see them offer up their SSL certificate (from Thawte) and then it's game over, no further response from iChat.
Maybe it's some change in the SSL certificate. I did some poking at the SSL support in Inferno a year or two ago, and I remember seeing that Windows handles CA referrals strange (I think there used to be a Mozilla bug that it tickled, too), so maybe Google adopted some variation that makes iChat barf.
I ran into an issue with WPA support on OSX, and a friend had read that Apple likes standards and a lot of the cheap wireless APs do not implement WPA-PSK well and it breaks on OSX because it's less forgiving. Maybe we have a similar situation where Google adopted an SSL variation that doesn't follow the RFCs (or is in the backwaters of the spec), but most other implementors are more forgiving (or are using OS-level SSL libraries that are more forgiving) and their clients just keep working.
Just supposition, though.
|
Showing messages 1 through 1 of 1.
-
More clues
2005-09-18 00:04:10
knapjack
[View]
|
Showing messages 1 through 1 of 1.
|
|
| |
I noticed when I did the packet capture that the SSL certificate being issued from Google is from Thawte, but the iChat config instructions on the Web site say to allow self-signed certificates.
Could Google have changed certificates without telling anyone, and iChat is balking at the change? Who knows.
More on iChat's SSL:
http://edr.euro.apple.com/documentation/Security/Reference/SecAppleTrustPolicyModuleSpec/Apple_Trust_Policy_Module_Functional_Specification.pdf