[openssl-users] SSL error “inappropriate fallback” and TLS_FALLBACK_SCSV

Salz, Rich rsalz at akamai.com
Thu Jun 1 18:43:31 UTC 2017

> Would clients actually attempt to send TLS_FALLBACK_SCSV even if the
> previous connection attempt failed for reasons other than TLS? If, say, the
> initial connection attempt failed at the TCP level? That sounds a little strange
> to me.

Yes they do.

There are many badly written clients out there.  Or poor libraries.

More information about the openssl-users mailing list