[openssl-1.0.2d] default SSL handshake fails

On Sat, Aug 01, 2015 at 06:56:16AM +0200, Jakob Bohm wrote:
> 
> The old team would have gone out of their way to make sure
> the standard OpenSSL code would generate backward compatible
> hello records by default

So it's my understanding that you suggest the default OpenSSL
client should:
- Only support SSLv2, SSLv3 and TLS1.0 because things break when
  we try to talk to some sites indicating we support TLS 1.1
  and/or 1.2?  Maybe we should even disable TLS 1.0 and SSLv3?
- Don't send any TLS extensions, since some sites don't support
  it?
- Don't send any cipher strings with the first byte different from
  0 because some implementations don't look at the first byte and
  might then select a cipher we didn't announce?
- Enable all the workarounds for broken implementations again,
  even when they can be exploited?
- Give RC4 such a priority by default that it's in the list before
  much stronger ciphers because that's the only cipher from our
  default list that works with some implementations, even when the
  RFCs say we should disable RC4 by default?

I guess we should just stop trying to improve in general.


Kurt
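The message above argues about what a default OpenSSL ClientHello should advertise: the highest protocol version, whether extensions are sent, cipher suites whose first byte is non-zero, and where RC4 sits in the preference order. The following is an added example, not part of the original thread or of OpenSSL: a small parser for a TLS ClientHello plus an audit that reports exactly those four properties, run over two constructed hellos (a modern one and a legacy one). The cipher suite and extension ids are the IANA registry values; the sample hellos, their suite lists and the function names are assumptions made for this example.

```python
import struct

# IANA cipher suite ids, named for readability (real registry values).
SUITE_NAMES = {
    0xC02F: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    0xC02B: "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
    0x009C: "TLS_RSA_WITH_AES_128_GCM_SHA256",
    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
    0x0005: "TLS_RSA_WITH_RC4_128_SHA",
    0x0004: "TLS_RSA_WITH_RC4_128_MD5",
    0xC011: "TLS_ECDHE_RSA_WITH_RC4_128_SHA",
}
RC4_SUITES = {0x0004, 0x0005, 0xC011}
VERSION_NAMES = {0x0300: "SSLv3", 0x0301: "TLS1.0", 0x0302: "TLS1.1", 0x0303: "TLS1.2"}


def build_client_hello(version, suites, extensions):
    """Build a TLS record carrying a ClientHello (constructed test input only).

    extensions=None omits the extensions block entirely, as a pre-extension
    client would; a list (even an empty one) emits the block.
    """
    body = struct.pack("!H", version)
    body += b"\x00" * 32                      # client random (zeros: constructed)
    body += b"\x00"                           # empty session id
    suite_bytes = b"".join(struct.pack("!H", s) for s in suites)
    body += struct.pack("!H", len(suite_bytes)) + suite_bytes
    body += b"\x01\x00"                       # one compression method: null
    if extensions is not None:
        ext_bytes = b"".join(struct.pack("!HH", t, len(d)) + d for t, d in extensions)
        body += struct.pack("!H", len(ext_bytes)) + ext_bytes
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body
    # Record-layer version 0x0301 is what clients commonly send for compatibility.
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake


def parse_client_hello(record):
    """Parse a ClientHello record into its version, cipher suites and extensions."""
    if record[0] != 0x16:
        raise ValueError("not a handshake record")
    rec_len = struct.unpack("!H", record[3:5])[0]
    hs = record[5:5 + rec_len]
    if hs[0] != 0x01:
        raise ValueError("not a ClientHello")
    hs_len = int.from_bytes(hs[1:4], "big")
    body = hs[4:4 + hs_len]
    if len(body) != hs_len:
        raise ValueError("truncated ClientHello")
    pos = 0
    version = struct.unpack("!H", body[pos:pos + 2])[0]
    pos += 2 + 32                             # skip client random
    pos += 1 + body[pos]                      # skip session id
    cs_len = struct.unpack("!H", body[pos:pos + 2])[0]
    pos += 2
    suites = [struct.unpack("!H", body[pos + i:pos + i + 2])[0] for i in range(0, cs_len, 2)]
    pos += cs_len
    pos += 1 + body[pos]                      # skip compression methods
    extensions = []
    if pos < len(body):                       # extensions block is optional
        ext_len = struct.unpack("!H", body[pos:pos + 2])[0]
        pos += 2
        end = pos + ext_len
        while pos < end:
            ext_type, length = struct.unpack("!HH", body[pos:pos + 4])
            pos += 4
            extensions.append((ext_type, body[pos:pos + length]))
            pos += length
    return {"version": version, "suites": suites, "extensions": extensions}


def audit_client_hello(record):
    """Report the properties the thread argues about for one ClientHello."""
    hello = parse_client_hello(record)
    suites = hello["suites"]
    nonzero = [s for s in suites if s >> 8 != 0]
    # A server that ignores the first suite byte would see only the low byte;
    # list the suites it could pick that the client never offered.
    accidental = sorted({s & 0xFF for s in nonzero} - set(suites))
    rc4_idx = [i for i, s in enumerate(suites) if s in RC4_SUITES]
    other_idx = [i for i, s in enumerate(suites) if s not in RC4_SUITES]
    rc4_ahead = bool(rc4_idx) and any(i > rc4_idx[0] for i in other_idx)
    return {
        "max_version": VERSION_NAMES.get(hello["version"], hex(hello["version"])),
        "has_extensions": bool(hello["extensions"]),
        "nonzero_first_byte": nonzero,
        "accidental_low_byte_suites": accidental,
        "rc4_ahead_of_stronger": rc4_ahead,
    }


# Constructed sample hellos: one modern client, one legacy client.
MODERN_HELLO = build_client_hello(
    0x0303, [0xC02F, 0xC02B, 0x009C, 0x002F],
    [(0x0000, b"\x00\x0c\x00\x00\x09localhost"), (0x000D, b"\x00\x02\x04\x01"), (0xFF01, b"\x00")])
LEGACY_HELLO = build_client_hello(0x0301, [0x0005, 0x0004, 0x002F], None)

if __name__ == "__main__":
    for name, hello in (("modern", MODERN_HELLO), ("legacy", LEGACY_HELLO)):
        print(name, audit_client_hello(hello))
```

Running it shows the trade-off in concrete terms: the modern hello advertises TLS1.2 with extensions and two 0xC0xx suites, and a server that drops the first byte of 0xC02B would land on 0x002B, a suite the client never offered; the legacy hello advertises TLS1.0, no extensions, and puts both RC4 suites ahead of AES.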