I understand from the stunnel documentation and from what I read on the Internet that MS has a buggy implementation of SSL; it fails to send a close_notify thing. The solution, says the documentation, is to set TIMEOUTclose=0. Being far from an SSL expert, I don't understand the implications of this setting. Won't it result in discarding close_notify from all browsers? Won't this create a security issue?
In addition, the stunnel faq says:
Currently stunnel implements ugly 10-seconds timeout to work with Microsoft...
How is this related to TIMEOUTclose? Is 10 the default value of TIMEOUTclose? What does IE do during this time?
