[gnutls-devel] GnuTLS | gnutls_cli_debug / test_ssl3 don't detect some old SSLv3 servers (#958)
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Mon Mar 23 08:13:17 CET 2020
Nikos Mavrogiannopoulos commented:
Thanks for reporting this. I didn't know that such servers still existed. The request makes sense, but to provide more background RFC6101 (final SSL3.0 draft - draft-freier-ssl-version3-01 if I remember well) servers are expected to ignore TLS extensions (fields that come after the client hello). A previous draft of SSL 3.0 was not requiring that. So this server is implementing a draft SSL3.0 version, rather than the final protocol.
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/958#note_309329257
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Gnutls-devel