cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: weak cipher suites with OpenSSL, SecureTransport and... ?

From: Marc H�rsken <info_at_marc-hoersken.de>
Date: Sat, 25 Jan 2014 21:49:08 +0100

Am 20.01.2014 11:23, schrieb Daniel Stenberg:
> You know of any downsides with this approach? Like for TLS1.0 only or
> SSLv3 only sites?

Actually there seems to be no difference for those sites. Without this
patch SChannel on Windows 7 will try to connect using TLSv1.0 first and
won't be able to connect to a SSLv3 site since TLSv1 does not support
downgrading to SSLv3. This means that the patch basically enables
TLSv1.1 and TLSv1.2 on top of TLSv1.0 and does not have any affect with
regards to SSLv3 which needs to be explicitly enabled using --sslv3.
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2014-01-25

This message: [ Message body ]
Next message: Daniel Stenberg: "RE: Request to review the code changes for NTLMv2 Support in Curl"
Previous message: Steve Holme: "[PATCH] ntlm: Added cross platform support for writing NTLMv2=0A= timestamp in buffer=0A="
In reply to: Daniel Stenberg: "Re: weak cipher suites with OpenSSL, SecureTransport and... ?"
Next in thread: Marc H�rsken: "Re: weak cipher suites with OpenSSL, SecureTransport and... ?"
Reply: Marc H�rsken: "Re: weak cipher suites with OpenSSL, SecureTransport and... ?"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]