und hard to accept that this rate of
TLS errors is somehow normal; but now I think I start to understand this
aspect of the protocol thanks to the excellent explanations I've seen
early in this discussion.
--
Florin Andrei
http://florin.myip.org/
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
l libraries
are not.
--
Florin Andrei
http://florin.myip.org/
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
actually attempt to send TLS_FALLBACK_SCSV even if the
previous connection attempt failed for reasons other than TLS? If, say,
the initial connection attempt failed at the TCP level? That sounds a
little strange to me.
Again, our clients are a mix of the average mobile devices in general
us
difficult to search the capture file and try to correlate
the failed SSL handshake with other, successful connections, because the
source IPs are masked by the ELB. There might be a way to rely on the
PROXY protocol header to identify IPs, but I'll have to figure out how
to do that.
