* Kai Engert:

> When attempting to connect to a SSL3-only server,

Which is now treated as version-intolerant, it seems.

> I see Firefox 34 attempting three connections, with TLS 1.2 {3,3},
> TLS 1.1 {3,2} and TLS 1.0 {3,1}, but not SSL3.

This still shows the fallback attempts, to TLS 1.0 even, which isn't exactly stellar from a CBC padding perspective, either.

> With these new results, it's no longer clear to me what Florian was
> referring to.

I still think the fallback behavior you have shown is a browser bug, and should be fixed there, by its removal. There seems to be rather vehement disagreement, but I don't get why. People who desperately need to connect to old devices can keep old browser versions around, or you could offer a per-site configuration knob (chances are you need that for SSL 3.0 support anyway). These old devices frequently demand old browser or Java versions, so yet another reason to keep an old browser around does not seem particularly cumbersome to me.

The benefit from that would be that regular users are protected even if servers do not implement TLS_FALLBACK_SCSV.

--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
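The trade-off argued in the message above, as an added model that is not part of the original thread and is not Firefox or NSS code: a client that retries at lower versions is only protected when the server enforces TLS_FALLBACK_SCSV (RFC 7507), while a client with no fallback never reaches a lower version. The `Server` class, `connect` function, and the `dropped` set (a constructed stand-in for handshakes that fail in transit) are assumptions made for illustration.

```python
# Added illustration: a simplified model of version fallback and RFC 7507.
TLS_FALLBACK_SCSV = 0x5600          # signalling cipher suite value (RFC 7507)
INAPPROPRIATE_FALLBACK = 86         # fatal alert code (RFC 7507)

class Server:
    """Hypothetical server model; versions are (major, minor) tuples."""
    def __init__(self, max_version, checks_scsv):
        self.max_version = max_version      # e.g. (3, 3) for TLS 1.2
        self.checks_scsv = checks_scsv      # whether RFC 7507 is implemented

    def hello(self, client_version, cipher_suites):
        """Return ('ok', negotiated_version) or ('alert', code)."""
        if (self.checks_scsv and TLS_FALLBACK_SCSV in cipher_suites
                and client_version < self.max_version):
            # Client says it fell back, yet the server supports something higher.
            return ("alert", INAPPROPRIATE_FALLBACK)
        return ("ok", min(client_version, self.max_version))

def connect(server, ladder, dropped, send_scsv=True):
    """Walk the client's version ladder from highest to lowest.

    `dropped` holds versions whose handshakes fail before reaching the
    server (constructed sample input, e.g. an intolerant middlebox).
    """
    for i, version in enumerate(ladder):
        if version in dropped:
            continue                        # handshake failed; retry lower
        suites = [0x002F]                   # TLS_RSA_WITH_AES_128_CBC_SHA
        if send_scsv and i > 0:             # SCSV accompanies fallback retries only
            suites.append(TLS_FALLBACK_SCSV)
        return server.hello(version, suites)
    return ("fail", None)                   # no version left to try

# The three attempts reported for Firefox 34 in the quoted text.
FALLBACK_LADDER = [(3, 3), (3, 2), (3, 1)]
# A client with the fallback behavior removed.
NO_FALLBACK = [(3, 3)]
```
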