Florian,
On 10/21/2014 06:38, Florian Weimer wrote:
I still think the fallback behavior you have shown is a browser bug,
and should be fixed there, but its removal. There seems to be rather
vehement disagreement, but I don't get way.
+1 , any fallback is a bug. SSL has built-in protocol version negotiation.
People who desparately need to connect to old devices can keep old
browser versions around, or you could offer a per-site configuration
knob (chances are you need that for SSL 3.0 support anyway). These
old devices frequently demand old browser or Java versions, so yet
another reason to keep an old browser around does not seem
particularly cumbersome to me.
We think alike....
The benefit from that would be that regular users are protected even
if servers do not implement TLS_FALLBACK_SCSV.
Indeed. Servers that care about the SSL3 issue aren't going to upgrade
software to pick up TLS_FALLBACK_SCSV . They will just disable SSL3 in
the configuration, which is much simpler and much quicker to do . Some
servers may do both, but it won't be the majority.
TLS_FALLBACK_SCSV serves no purpose except to perpetuate the illusion
that the browser fallback makes some sort of sense.
Julien
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
