[openssl-users] Version negotiation failure failure?

Viktor Dukhovni openssl-users at dukhovni.org
Tue Sep 11 17:34:54 UTC 2018

> On Sep 11, 2018, at 1:17 PM, Jordan Brown <openssl at jordan.maileater.net> wrote:
> The key piece that I was missing - I hadn't looked at and thought about the protocol enough - was that there's no version-independent way for the server to fail.  If the server supports only versions larger than the client supports, it has no way to say "no".  If the positions are reversed, the server counter-offers a version that the client then rejects as too old.

In OpenSSL 1.1.x, though the server might not support continuing with the client's
maximum version, it is willing to do so just long enough to send a fatal protocol
version mismatch alert.  It helps that SSL2/SSL3 are not supported, and TLS 1.0
and up support the alert.

Time to move to OpenSSL 1.1.x, it has many improvements, ...


More information about the openssl-users mailing list