Thanks Florian, Jakob, Matt and everyone else. You guys are fascinating.
Its a rocking community. Thanks again for your excellent support and taking
pain to answer my repeated questions.
On Mon, Oct 27, 2014 at 1:04 AM, Florian Weimer wrote:
> * Aditya Kumar:
>
> > Suppose, the Server is patched
* Aditya Kumar:
> Suppose, the Server is patched with the FALLBACK flag and its protocol is
> set to TLSV1/SSLV23(with TLSV1 as the highest protocol) and then client
> tries to connect to Server in TLSV1 and sets FALLBACK flag before
> initiating communication with Server. Will the client be able
* Jaya Nageswar:
> So when SSLv23 is set as the protocol at both client and server, Does
> client automatically fall back and try with SSLV3 protocol if the
> connection with TLSv1 fails.
No, unless you have explicitly written retry code on your own.
> Does Protocol downgrade dance means the cli
It does seem other webservers send the server_name back with 0 as the
length of extension_data. And the site in question seems to be running
an old (6.1.26) jetty version. End of story, I guess.
Thanks.
On Fri, Oct 24, 2014 at 7:11 PM, Emilia Käsper
wrote:
> The server is sending back a servern
Thanks Jakob and everyone for their prompt replies. My most of the doubts
are cleared and I just want to confirm the protocol behavior in one
particular scenario.
Suppose, the Server is patched with the FALLBACK flag and its protocol is
set to TLSV1/SSLV23(with TLSV1 as the highest protocol) and t
Thanks Florian Weimer for a prompt response. I have some follow up
questions.
We use the following options to set SSL Context using the following API
with the below options.
SSL_CTX_set_mode(ctx,SSL_MODE_ENABLE_PARTIAL_WRITE |
SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER | SSL_MODE_AUTO_RETRY);
So when SS