Bug#683160: closed by Andreas Metzler <ametzler at downhill.at.eu.org> (Re: Bug#683160: [gnutls-bin] can't connect to hosts which allow only SSLv3)

[Andreas Metzler]

On 2012-07-29 Olivier Bonvalet <ob.reportbug at daevel.fr> wrote:
> Thanks for your clarification Andreas. Kurt Roeckx (maintainer of OpenSSL) also agree with you (#683159).

Hello,
I doublechecked the other report brfore closing this one. ;-)

> I'm not sure to well understand the source of the problem, so : can
> you explain please why is it working from Debian Squeeze, but not
> Wheezy?

It also fails for me in Squeeze unless I disable TLS1.1

> And how browsers handle that?
[...]

Mozilla simply does not support TLS1.1 and TLS1.2 yet. Others are
probably using a brute force approach, ich TLS handshaking with TLS1.1
or TLS1.2 fails open a new connection and try TLS1.0

cu andreas
-- 
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'