On 06.11.2014 16:35, Viktor Dukhovni wrote:
On Thu, Nov 06, 2014 at 03:31:10PM +0100, Richard K?nning wrote:

Well, the ClientHello message only allows to advertise the highest protocol
version the client speaks, it is expected that the client speaks also all
lower versions.

The client uses the lowest supported version at the *record layer*,
and sends the highest at the *handshake layer*.  The server chooses
something in that *range*.

Therefore, when a client isn't able or doesn't want to speak
e.g. SSLv2, it has to wait for the ServerHello and to end the connection
when the server selects an unwanted protocol version.

I believe you're simply wrong about that.

Having now read Appendix E of RFC 2246 I now know you are right :-).
Ciao,
Richard

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
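
The thread above refers to two separate version fields in a ClientHello: one in the record-layer header and one in the handshake body. The following is an added example, not code from the thread or from OpenSSL, that extracts both from a captured hello and also recognises the SSLv2-format hello covered by Appendix E of RFC 2246; the function names and both sample messages are constructed for illustration.

```python
import struct

VERSION_NAMES = {(2, 0): "SSLv2", (3, 0): "SSLv3", (3, 1): "TLSv1.0",
                 (3, 2): "TLSv1.1", (3, 3): "TLSv1.2"}

def name(v):
    return VERSION_NAMES.get(v, "unknown(%d,%d)" % v)

def hello_versions(data):
    """Return (record_layer_version, handshake_client_version) as names.
    The record-layer entry is None for an SSLv2-format hello, which has
    no TLS record header."""
    if len(data) < 5:
        raise ValueError("truncated hello")
    # SSLv2-format hello: 2-byte length with the high bit set,
    # message type 1 (client-hello), then the 2-byte version.
    if data[0] & 0x80 and data[2] == 1:
        return None, name((data[3], data[4]))
    ctype, rmaj, rmin, rlen = struct.unpack("!BBBH", data[:5])
    if ctype != 22:                      # 22 = handshake record
        raise ValueError("not a handshake record")
    body = data[5:5 + rlen]
    # Handshake header: type (1 byte, 1 = ClientHello) + length (3 bytes),
    # followed by client_version (2 bytes).
    if len(body) < 6 or body[0] != 1:
        raise ValueError("not a ClientHello")
    return name((rmaj, rmin)), name((body[4], body[5]))

def build_tls_hello(record_version, client_version):
    """Constructed sample: minimal TLS-format ClientHello, no extensions."""
    body = (bytes(client_version) + bytes(32)   # version + 32-byte random
            + b"\x00"                           # empty session id
            + b"\x00\x02\x00\x2f"               # one cipher suite
            + b"\x01\x00")                      # null compression only
    hs = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16" + bytes(record_version) + struct.pack("!H", len(hs)) + hs

# Constructed sample: record layer says TLSv1.0, handshake says TLSv1.2.
SAMPLE_TLS = build_tls_hello((3, 1), (3, 3))
# Constructed sample: SSLv2-format hello advertising version 3.1.
SAMPLE_V2 = (b"\x80\x1c" + b"\x01\x03\x01" + b"\x00\x03\x00\x00\x00\x10"
             + b"\x00\x00\x2f" + bytes(16))

if __name__ == "__main__":
    print(hello_versions(SAMPLE_TLS))
    print(hello_versions(SAMPLE_V2))
```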
