I have been reading various posts related to the TLS_FALLBACK_SCSV fallback option. The more I read, the more confused I am. I would like to get some help on the current scenario that we have.

We have a library which is built on top of openssl 0.9.8 (now incorporating the openssl 0.9.8zc related changes for TLS_FALLBACK_SCSV) for handling cryptographic and SSL functionality. By default the SSL protocol is set to SSLv23 at both client and server. That means the client and server can support the SSLv2, SSLv3 and TLSv1 protocols. However, an explicit protocol (SSLv2/SSLv3/TLSv1) can also be set at both client and server. As per my understanding, we can overcome the POODLE vulnerability by disabling the SSLv3 protocol or setting TLSv1 as the default protocol at client and server.

Now I would like to understand the following.

1. If we keep the SSLv23 protocol at both the server and client, how is the TLS_FALLBACK_SCSV option set at the client going to work, and does it stop the usage of the SSLv3 protocol, as both client and server are capable of supporting TLSv1?
2. In general, if we have the SSLv23 protocol at both client and server, how does the protocol negotiation happen? I have been reading that the client sends a client_hello message along with the other protocols supported and the cipher suites. The server then sends its supported protocols/cipher suites and selects the highest protocol supported by client and server in the order. Is my understanding correct?
3. How is TLS_FALLBACK_SCSV going to work in the above scenario?

Thanks in advance and appreciate your response.

Regards,
-Jaya.
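
The server-side rule that RFC 7507 defines for TLS_FALLBACK_SCSV, modelled as an added example that is not part of the original post and is not OpenSSL's code. The function, struct, version macros and sample cipher-suite lists are constructed for illustration, and the server's supported versions are assumed to form a contiguous range.

```c
/* Added example: models the RFC 7507 server-side check; not OpenSSL source. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define VER_SSL3  0x0300
#define VER_TLS1  0x0301
#define TLS_FALLBACK_SCSV 0x5600          /* cipher suite value {0x56, 0x00} */
#define ALERT_NONE 0
#define ALERT_PROTOCOL_VERSION 70
#define ALERT_INAPPROPRIATE_FALLBACK 86

struct hello_result { uint16_t version; int alert; };

/* client_version is the single highest version offered in this ClientHello.
 * server_min..server_max is assumed to be a contiguous supported range. */
static struct hello_result server_process_hello(uint16_t client_version,
        const uint16_t *suites, size_t n, uint16_t server_min, uint16_t server_max)
{
    struct hello_result r = { 0, ALERT_NONE };
    int scsv = 0;
    for (size_t i = 0; i < n; i++)
        if (suites[i] == TLS_FALLBACK_SCSV) scsv = 1;
    /* RFC 7507: SCSV present and server supports something higher -> abort. */
    if (scsv && server_max > client_version) {
        r.alert = ALERT_INAPPROPRIATE_FALLBACK;
        return r;
    }
    if (client_version < server_min) {       /* e.g. SSLv3 disabled on server */
        r.alert = ALERT_PROTOCOL_VERSION;
        return r;
    }
    r.version = client_version < server_max ? client_version : server_max;
    return r;
}

/* Constructed sample cipher-suite lists (0x002F = TLS_RSA_WITH_AES_128_CBC_SHA). */
static const uint16_t first_try[] = { 0x002F, 0x000A };
static const uint16_t retry[]     = { 0x002F, 0x000A, TLS_FALLBACK_SCSV };

int main(void)
{
    struct hello_result r = server_process_hello(VER_SSL3, retry, 3, VER_SSL3, VER_TLS1);
    printf("downgraded retry: version=0x%04x alert=%d\n", r.version, r.alert);
    r = server_process_hello(VER_SSL3, first_try, 2, VER_SSL3, VER_TLS1);
    printf("SSLv3 hello without SCSV: version=0x%04x alert=%d\n", r.version, r.alert);
    return 0;
}
```

The second call in `main` shows that an SSLv3 hello that does not carry the SCSV is still accepted while the server leaves SSLv3 enabled.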