Bug#683160: closed by Andreas Metzler <ametzler at downhill.at.eu.org> (Re: Bug#683160: [gnutls-bin] can't connect to hosts which allow only SSLv3)

Andreas Metzler ametzler at downhill.at.eu.org
Sun Jul 29 13:16:04 UTC 2012

On 2012-07-29 Olivier Bonvalet <ob.reportbug at daevel.fr> wrote:
> Thanks for your clarification Andreas. Kurt Roeckx (maintainer of OpenSSL) also agree with you (#683159).

I doublechecked the other report brfore closing this one. ;-)

> I'm not sure to well understand the source of the problem, so : can
> you explain please why is it working from Debian Squeeze, but not
> Wheezy?

It also fails for me in Squeeze unless I disable TLS1.1

> And how browsers handle that?

Mozilla simply does not support TLS1.1 and TLS1.2 yet. Others are
probably using a brute force approach, ich TLS handshaking with TLS1.1
or TLS1.2 fails open a new connection and try TLS1.0

cu andreas
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'

More information about the Pkg-gnutls-maint mailing list