Re: python-urllib3 1.25.6 uploaded to experimental (closes CVE-2019-11236) but fails build tests

2019-10-29 Thread Michael Kesper
Hi all, On 29.10.19 14:15, Jeremy Stanley wrote: > On 2019-10-29 13:29:02 +0100 (+0100), Michael Kesper wrote: >> On 27.10.19 17:27, Drew Parsons wrote: >>> On 2019-10-27 23:13, Daniele Tricoli wrote: > [...] Not an expert here, but I think fallback is not done on purpose due to downgrade a

Re: python-urllib3 1.25.6 uploaded to experimental (closes CVE-2019-11236) but fails build tests

2019-10-29 Thread Jeremy Stanley
On 2019-10-29 13:29:02 +0100 (+0100), Michael Kesper wrote: > On 27.10.19 17:27, Drew Parsons wrote: > > On 2019-10-27 23:13, Daniele Tricoli wrote: [...] > > > Not an expert here, but I think fallback is not done on > > > purpose due to downgrade attacks: > > > https://en.wikipedia.org/wiki/Downgrade

Re: python-urllib3 1.25.6 uploaded to experimental (closes CVE-2019-11236) but fails build tests

2019-10-29 Thread Ondrej Novy
Hi, Tue 29. 10. 2019 at 13:29, Michael Kesper wrote: > > I see. Still an odd kind of protection though. The attacker can just > downgrade themselves. > > No. A sensible server will not talk to you if your requested SSL version > is too low. > pub.orcid.org seems to use absolutely outda

Re: python-urllib3 1.25.6 uploaded to experimental (closes CVE-2019-11236) but fails build tests

2019-10-29 Thread Michael Kesper
Hi all, On 27.10.19 17:27, Drew Parsons wrote: > On 2019-10-27 23:13, Daniele Tricoli wrote: >> On Sun, Oct 13, 2019 at 10:31:31PM +0800, Drew Parsons wrote: >>> It conditionally works. Using curl, I found that TLSv1_0 or TLSv1_1 will >>> support a successful connection, but only if the maximum S