On Wed, Oct 15, 2014 at 10:11:55PM -0600, LuKreme wrote:
> This is what my home connection to my server looks like:
>
> submit-tls/smtpd[10060]: xx.xx.xx.xx: reloaded session
> EB75...&s=submission&l=268439711 from smtpd cache
> submit-tls/smtpd[10060]: SSL_accept:SSLv3 read client hello A
> submit-tls/smtpd[10060]: SSL_accept:SSLv3 write server hello A
> submit-tls/smtpd[10060]: SSL_accept:SSLv3 write change cipher spec A
> submit-tls/smtpd[10060]: SSL_accept:SSLv3 write finished A
> submit-tls/smtpd[10060]: SSL_accept:SSLv3 flush data
> submit-tls/smtpd[10060]: SSL_accept:SSLv3 read finished A
> submit-tls/smtpd[10060]: xx.xx.xx.xx: Reusing old session
> submit-tls/smtpd[10060]: Anonymous TLS connection established from
> xx.xx.xx.xx: TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)
As you can see, this is TLSv1, not SSLv3. The two protocols share
code, and in particular the code for verbose packet logging shows
that the record-layer framing is SSLv3 not SSLv2. SSLv3, TLSv1,
TLSv1.1 and TLSv1.2 share the same record layer protocol.
--
Viktor.
