On Tuesday, June 07, 2016 05:08:00 pm David Benjamin wrote:
> On Tue, Jun 7, 2016 at 5:06 PM Yoav Nir wrote:
> > > On 7 Jun 2016, at 8:33 PM, Hubert Kario wrote:
> > > On Tuesday 07 June 2016 17:36:01 Yoav Nir wrote:
> > >> I’m not sure this helps.
> > >>
> > >> I’ve never installed a server that
On Tuesday, June 07, 2016 03:57:32 pm Ted Lemon wrote:
> The point of the different result codes is to give the end-user some basis
> for figuring out why they didn't get to the site. "Malicious site" is
> different than "policy violation." A malicious site is a site that serves
> malware, or d
Jumping to the end of the thread, it looks like this is an FTP issue that
repros when TLS 1.2 is negotiated. Not a TLS version intolerance.
The conclusion seems to be that https://support.microsoft.com/en-us/kb/253
resolves the issue, by updating FTP binaries.
Cheers,
Andrei
From: TLS [mai
On Tue, Jun 7, 2016 at 5:06 PM Yoav Nir wrote:
>
> > On 7 Jun 2016, at 8:33 PM, Hubert Kario wrote:
> >
> > On Tuesday 07 June 2016 17:36:01 Yoav Nir wrote:
> >> I’m not sure this helps.
> >>
> >> I’ve never installed a server that is version intolerant. TLS stacks
> >> from OpenSSL, Microsoft,
> On 7 Jun 2016, at 8:33 PM, Hubert Kario wrote:
>
> On Tuesday 07 June 2016 17:36:01 Yoav Nir wrote:
>> I’m not sure this helps.
>>
>> I’ve never installed a server that is version intolerant. TLS stacks
>> from OpenSSL, Microsoft,
>
> are you sure about that Microsoft part?
>
> there is qui
Brian, I totally sympathize with that, but this isn't really the 451 use
case, much as it seems to resemble it. In reality, there are actual risks
that people want to be protected from, and services that offer to protect
them from those risks. Malware and phishing are obvious examples--older
fo
On Mon, Jun 6, 2016 at 7:21 AM, Ted Lemon wrote:
> I've posted a new document to the datatracker that adds some TLS alert
> codes that can be sent to indicate that a particular TLS request has been
> blocked by the network. This attempts to address the problem of notifying
> the user of what we
The point of the different result codes is to give the end-user some basis
for figuring out why they didn't get to the site. "Malicious site" is
different than "policy violation." A malicious site is a site that serves
malware, or does phishing, or typosquatting, or something like that.
Policy
On Tuesday 07 June 2016 17:36:01 Yoav Nir wrote:
> I’m not sure this helps.
>
> I’ve never installed a server that is version intolerant. TLS stacks
> from OpenSSL, Microsoft,
are you sure about that Microsoft part?
there is quite a long thread on the filezilla forums about TLS version
toleran
> On 7 Jun 2016, at 5:47 PM, Salz, Rich wrote:
>
>> I’m not sure this helps.
>
> I'm pretty sure it wouldn't help at all, for the reasons you list.
Which isn’t to say it’s not worth doing. I’d love to test my implementation
against a test suite rather than just making sure it’s working with
> I’m not sure this helps.
I'm pretty sure it wouldn't help at all, for the reasons you list.
___
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
I’m not sure this helps.
I’ve never installed a server that is version intolerant. TLS stacks from
OpenSSL, Microsoft, Java, and most any implementation we can name have been
version tolerant forever. Certainly none of us can name any implementation that
at any point had a version out that was
On Tuesday 07 June 2016 10:22:20 Kyle Rose wrote:
> I'm a big fan of the idea of a very strict qualification suite, as
> well, to try to head off some of these problems before (faulty)
> implementations proliferate.
>
> Hackathon?
I have two approaches I'm working on, they are missing a nice inte
I'm a big fan of the idea of a very strict qualification suite, as well, to
try to head off some of these problems before (faulty) implementations
proliferate.
Hackathon?
Kyle
On Jun 7, 2016 2:00 AM, "Peter Gutmann" wrote:
> Dave Garrett writes:
>
> >Also, as with any new system, we now have t
On Monday 06 June 2016 13:21:12 Ted Lemon wrote:
> I've posted a new document to the datatracker that adds some TLS alert
> codes that can be sent to indicate that a particular TLS request has
> been blocked by the network. This attempts to address the problem
> of notifying the user of what went
15 matches
Mail list logo