Well, I think I'm completely confused about this option now; "always when you fall back" seems to suggest that falling back is an application-level operation (as opposed to OpenSSL-implemented behaviour), is it? i.e. is the onus on the client application to retry with a lower version if it wants to? What then is the purpose of the option?
Maybe the following would clarify it: is there code in the new release of OpenSSL to recognize and act on this new option (other than simply sending the option down the wire to be handled by application code)? Is there a simple example of a scenario where it would be used? Is there documentation anywhere that describes how "fall back" is performed?

Thanks ... N

-----Original Message-----
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Salz, Rich
Sent: October-20-14 11:49 AM
To: openssl-users@openssl.org
Subject: RE: SSL_MODE_SEND_FALLBACK_SCSV option

When I said "always" I meant "always when you fall back". I was being too terse and not clear enough. Hope this helps.

--
Principal Security Engineer, Akamai Technologies
IM: rs...@jabber.me Twitter: RichSalz

> -----Original Message-----
> From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Nou Dadoun
> Sent: Monday, October 20, 2014 7:08 PM
> To: openssl-users@openssl.org
> Subject: RE: SSL_MODE_SEND_FALLBACK_SCSV option
>
> This is the first time I've seen this point of view expressed but it
> does make evident sense - after all, the whole idea of falling back is
> to find a mutually acceptable version. However it conflicts with some
> of the previous advice I've seen on the list which recommended that
> SSL_MODE_SEND_FALLBACK_SCSV *always* be set to prevent downgrade from
> v1.1 to v1.2 for example. Any consensus? ... N
>
> > -----Original Message-----
> > ...
> > Unconditionally setting SSL_MODE_SEND_FALLBACK_SCSV (if by default or
> > after user configuration) is a time bomb - your client application will
> > break once the server implements TLS 1.3 (or any newer TLS version
> > than what is supported by the OpenSSL version you use). Extremely few
> > applications have to deal with SSL_MODE_SEND_FALLBACK_SCSV.
> >
> > --
> > Florian Weimer / Red Hat Product Security
> > ______________________________________________________________________
> > OpenSSL Project http://www.openssl.org
> > User Support Mailing List openssl-users@openssl.org
> > Automated List Manager majord...@openssl.org
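The application-level fallback loop the thread is asking about, as an added example that is not code from the thread or from OpenSSL: a small Python model of the RFC 7507 rules, showing why the SCSV belongs only on a retried connection. The `Server` class, its `drops_above` failure mode, the `0xC02F` stand-in cipher suite, the `CLIENT_VERSIONS` list and the three `scsv_policy` names are all constructed for this illustration; the SCSV value `0x5600`, the `inappropriate_fallback` alert and the TLS version numbers are those defined by RFC 7507 and the TLS specifications.

```python
# Added example, not from the thread or from OpenSSL: a model of how an
# application-driven version fallback interacts with TLS_FALLBACK_SCSV (RFC 7507).
from dataclasses import dataclass
from typing import List, Optional

TLS_FALLBACK_SCSV = 0x5600          # cipher-suite value reserved by RFC 7507
TLS1_0, TLS1_1, TLS1_2, TLS1_3 = 0x0301, 0x0302, 0x0303, 0x0304
REAL_SUITE = 0xC02F                 # constructed stand-in for the client's real suite list


class HandshakeFailure(Exception):
    """Raised with the alert name the server (or the network path) would produce."""


@dataclass
class ClientHello:
    client_version: int
    cipher_suites: List[int]


@dataclass
class Server:
    max_version: int
    # Constructed failure mode: ClientHellos above this version never get an answer,
    # whether because the server is version-intolerant or because something on the
    # path drops them. From the client's side these two cases look identical.
    drops_above: Optional[int] = None

    def accept(self, hello: ClientHello) -> int:
        if self.drops_above is not None and hello.client_version > self.drops_above:
            raise HandshakeFailure("handshake_failure")
        # RFC 7507 section 3: SCSV present while the offered version is below the
        # server's own maximum means the client fell back when it did not need to
        # (or was forced to); the server must abort with inappropriate_fallback.
        if TLS_FALLBACK_SCSV in hello.cipher_suites and hello.client_version < self.max_version:
            raise HandshakeFailure("inappropriate_fallback")
        return min(hello.client_version, self.max_version)


def connect_with_fallback(server: Server, versions: List[int], scsv_policy: str = "on_fallback"):
    """Emulates what the *application* has to do with OpenSSL: offer its highest
    version first and, only if that connection fails, reconnect with a lower one.

    scsv_policy (constructed names):
      "on_fallback" - send the SCSV only on retries (the intended use)
      "always"      - SSL_MODE_SEND_FALLBACK_SCSV set unconditionally
      "never"       - no downgrade protection at all
    Returns (negotiated_version or None, attempts), where attempts is a list of
    (offered_version, scsv_sent, outcome) tuples.
    """
    highest = versions[0]
    attempts = []
    for v in versions:
        send_scsv = scsv_policy == "always" or (scsv_policy == "on_fallback" and v < highest)
        suites = [REAL_SUITE] + ([TLS_FALLBACK_SCSV] if send_scsv else [])
        try:
            negotiated = server.accept(ClientHello(v, suites))
        except HandshakeFailure as e:
            attempts.append((v, send_scsv, str(e)))
            continue
        attempts.append((v, send_scsv, "ok"))
        return negotiated, attempts
    return None, attempts


CLIENT_VERSIONS = [TLS1_2, TLS1_1, TLS1_0]   # what a 2014-era client would offer, highest first

if __name__ == "__main__":
    # 1. Newer server, SCSV on every connection: the "time bomb" from the thread.
    print(connect_with_fallback(Server(TLS1_3), CLIENT_VERSIONS, "always"))
    # 2. Same server, SCSV only on fallback: connects at TLS 1.2 on the first try.
    print(connect_with_fallback(Server(TLS1_3), CLIENT_VERSIONS))
    # 3. Genuinely version-intolerant TLS 1.1 server: the fallback is accepted.
    print(connect_with_fallback(Server(TLS1_1, drops_above=TLS1_1), CLIENT_VERSIONS))
    # 4. TLS 1.2 server whose TLS 1.2 hellos are not getting through: with the SCSV
    #    the server refuses the downgrade; without it the client silently lands on 1.1.
    print(connect_with_fallback(Server(TLS1_2, drops_above=TLS1_1), CLIENT_VERSIONS))
    print(connect_with_fallback(Server(TLS1_2, drops_above=TLS1_1), CLIENT_VERSIONS, "never"))
```

In OpenSSL terms, `scsv_policy == "on_fallback"` means leaving the mode unset on the first `SSL` object and calling `SSL_set_mode(ssl, SSL_MODE_SEND_FALLBACK_SCSV)` only on the `SSL` object the application creates for its retry at a lower version. OpenSSL never retries a failed handshake by itself, which is why both the retry and the decision to send the SCSV are application responsibilities, and why setting the mode on every connection breaks as soon as a server supports a version the client does not.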