Peter Gutmann wrote:
[snip] Are there products around that will
actually reject an MSIE handshake with its wrong version number?
Yes, All NSS-based server products will do that by default.
There is a configuration option to disable the version roll-back
detection, and it is conceivable that some NSS-based server products
have turned it on, but I doubt it. When NSS-based server products
have problems, I always hear about it, and I've yet to hear a complaint
that boils down to "IE with TLS enabled doesn't work with our servers".
_______________________________________________
Mozilla-security mailing list
[email protected]
http://mail.mozilla.org/listinfo/mozilla-security
