Re: [TLS] Open issue: Record Version Numbers
Peter Gutmann wrote:
> <Pasi.Eronen@xxxxxxxxx> writes:
>
>> And here's the slightly cleaned text about SSL 2.0 compatibility:
>
> I know I've said this before, but can't we finally kill SSLv2? Both MSIE 7
> and Firefox (Mozilla/whatever) have now removed support for it, which means
> that it's finally dead no matter what the spec still says about it.
Not quite. When Firefox 2 encounters a "TLS intolerant" server (one that
fails to negotiate a handshake properly when the client hello specifies
version 3,1) it reverts to a backward compatible mode in which it sends
SSL2 format client hellos bearing version 3,0, just as it has done for
over a decade. Yes, this appears to be necessary with some servers,
and maximum interoperability is still the name of the browser game.
--
Nelson B
_______________________________________________
TLS mailing list
TLS@xxxxxxxxxxxxxx
https://www1.ietf.org/mailman/listinfo/tls
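
The fallback described in the reply above, as seen on the wire: an added example, not part of the original message, that tells an SSL 2.0-format ClientHello bearing version 3,0 apart from a record-layer ClientHello bearing 3,1. Field layouts follow the SSL 2.0 CLIENT-HELLO and the SSL 3.0/TLS record header; the function names and sample bytes are constructed for illustration.

```python
import struct

def classify_client_hello(data: bytes) -> dict:
    """Classify the first flight of a connection by ClientHello framing."""
    if len(data) >= 11 and data[0] == 0x16 and data[5] == 0x01:
        # SSL 3.0 / TLS record layer: type(1) version(2) length(2), then
        # handshake type(1) length(3) client_version(2).
        return {"format": "v3-record",
                "record_version": (data[1], data[2]),
                "hello_version": (data[9], data[10])}
    if len(data) >= 11 and data[0] & 0x80 and data[2] == 0x01:
        # SSL 2.0 framing: 2-byte header with the high bit set and a 15-bit
        # length, then msg_type(1)=CLIENT-HELLO, version(2), three lengths.
        body_len = ((data[0] & 0x7F) << 8) | data[1]
        cs_len, sid_len, ch_len = struct.unpack(">HHH", data[5:11])
        consistent = (cs_len % 3 == 0 and cs_len > 0
                      and body_len == 9 + cs_len + sid_len + ch_len
                      and len(data) >= 2 + body_len)
        if consistent:
            return {"format": "v2-compat",
                    "hello_version": (data[3], data[4]),
                    "cipher_specs": cs_len // 3}
    return {"format": "unknown"}

def build_v2_hello(version, cipher_specs, challenge):
    """Constructed sample: SSL 2.0-format ClientHello, empty session id."""
    cs = b"".join(cipher_specs)
    body = (b"\x01" + bytes(version)
            + struct.pack(">HHH", len(cs), 0, len(challenge)) + cs + challenge)
    return struct.pack(">H", 0x8000 | len(body)) + body

def build_v3_hello(record_version, hello_version):
    """Constructed sample: record-layer ClientHello with a minimal body."""
    body = (bytes(hello_version) + bytes(32)   # client_version, random
            + b"\x00"                          # empty session id
            + b"\x00\x02\x00\x2f"              # one cipher suite
            + b"\x01\x00")                     # null compression
    hs = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16" + bytes(record_version) + struct.pack(">H", len(hs)) + hs

# Constructed inputs: the fallback hello the message describes, and a 3,1 hello.
FALLBACK = build_v2_hello((3, 0), [b"\x00\x00\x0a", b"\x00\x00\x04"], bytes(16))
TLS10 = build_v3_hello((3, 1), (3, 1))

if __name__ == "__main__":
    print(classify_client_hello(FALLBACK))
    print(classify_client_hello(TLS10))
```

A server or sensor that logs the `format` field alongside `hello_version` can measure how many clients still arrive through the SSL 2.0-format path before that path is disabled.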