> If the context options are set to remove SSLv3: > Then is the following needed from [0]: > > SSL_set_mode(ssl, SSL_MODE_SEND_FALLBACK_SCSV)
You might care about fallback from TLS 1.2 (which has PFS) to TLS 1.1 (which doesn't). I recommend that you always set that flag. -- Principal Security Engineer, Akamai Technologies IM: rs...@jabber.me Twitter: RichSalz
