[Pkg-openssl-devel] Bug#665452: Bug#665452: openssl: 'upgrade' also breaks https://www.paypal.com
Kurt Roeckx
kurt at roeckx.be
Thu Mar 29 19:43:17 UTC 2012
On Thu, Mar 29, 2012 at 12:41:01PM +0100, Colin Watson wrote:
> On Tue, Mar 27, 2012 at 09:39:50PM +0200, Kurt Roeckx wrote:
> > Anyway, there seems to be 3 different problems:
> > - Servers that report BigIP as server. They don't reply to
> > ClientHello requests that are bigger than 255 bytes. Examples
> > include sourceforge.net and owa.mit.edu.
> > - Servers that don't tolerate verion numbers they don't support
> > while they are supposed to negiotate a lower version. Examples
> > include boekhuis.nl
> > - paypal which currently isn't clear what the problem really is,
> > it seems to support TLS1.2, but reacts weird to 1.1.
>
> There are some more examples in this Ubuntu bug:
>
> https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/965371
>
> I'm not sure which category www.mediafire.com falls into.
The second case. This can also be tested on https://www.ssllabs.com/ssldb/
And facebook seems to fall in the first case. I'm guessing this is some kind
of firewall issue.
Kurt
More information about the Pkg-openssl-devel
mailing list