> I've now built a framework in test_ssl to test all client protocols > (SSL2, SSL3, SSL23, TLS1) against all server protocols, and here's > what I've come up with. Servers are along the X axis, and clients are > on the Y axis. "Yes" means that that client protocol can talk to that > server protocol. > > SSL2 SSL3 SS23 TLS1 > SSL2 yes no no no > SSL3 yes yes yes no > SSL23 no no yes no > TLS1 no no yes yes > > I'm a bit surprised by the facts that (1) an SSL2 client can't connect > to an SSL23 server, and (2) an SSL23 client can *only* connect to an > SSL23 server. Can anyone verify that these combos (the results of > testing with the Python framework) are indeed to be expected?
Sure enough, in testing on my FC7 platform, which has a more modern version of OpenSSL (0.9.8e instead of the older 0.9.7l platform I was using), an SSL2 client *can* connect to an SSL23 server. And I got one of the above entries wrong: an SSL23 client can connect to an SSL2 server. I guess in the test harness, I'll just note the discrepancy, but not fail the test either way. And I'll add a note to the documentation. Bill _______________________________________________ Python-Dev mailing list Python-Dev@python.org http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
