On 10/20/2014 10:10 PM, Nou Dadoun wrote:
Well I think I'm completely confused about this option now; "always when you fall back" seems to suggest that falling back is an application level operation (as opposed to openssl-implemented behaviour), is it? i.e. is the onus on the client application to retry with a lower version if it wants to? What then is the purpose of the option?
Correct, fallback (in this sense) is performed by the application. In contrast, OpenSSL automatically upgrades away from SSL 3.0 (unless prevent from doing so), in a way that is secure against man-in-the-middle attacks.
The purpose of the option is to make totally broken applications a bit less secure (when they happen to certain servers). From my point of view, there is only one really good reason to have this client-side option—so that you can test the server-side support. That's why I implemented it for OpenJDK as well. Application should *never* use it because it does not really solve anything. If you have fallback code, your application is still insecure.
-- Florian Weimer / Red Hat Product Security ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
