Friday, 15 January 2010

ssl - mozilla browser behaviour wrt sslv3 -



ssl - mozilla browser behaviour wrt sslv3 -

what have read , understood of browsers today when establishing secure connection seek tls first , if connnection not made fallback on ssl v3.

now consider next scenario: access website on https, website has stopped back upwards ssl v3. first secure connection effort of mozilla browser using tls fails chance , falls on ssl v3. website not back upwards ssl v3 effort fails happens now: browser give me error saying connection not possible or 1 time again go bback trying tls setting connection.

the browser not start 1 time again higher tls version if downgrade lower version failed, give error connection failed - same browser if did not downgrades. next time seek connect site retry high tls version again, because did not have cached info successful after downgrade only.

ssl mozilla sslv3

No comments:

Post a Comment