Il 17/10/2014 11:05, Florian Weimer ha scritto:
Do you downgrade the support protocols on handshake failures, like web browsers do?
Not explicitely. I think it's my fault at understanding the issue -- I somehow that that could be the case when using
SSL_CTX_new(SSLv23_client_method()) which is what I actually have in the code.
If not, then you cannot use SSL_MODE_SEND_FALLBACK_SCSV in any way, and you do not need it, either.
Ok, then I definitely misunderstood Rich's suggestion (earlier in the thread) about "I recommend that you always set that flag.".
Thank you for the clarifications. Regards, -- Giuseppe D'Angelo | [email protected] | Software Engineer KDAB (UK) Ltd., a KDAB Group company Tel. UK +44-1738-450410, Sweden (HQ) +46-563-540090 KDAB - Qt Experts - Platform-independent software solutions
smime.p7s
Description: Firma crittografica S/MIME
