by tmx 4519 days ago
> no sane client would ever use them

Unfortunately, that's not the case. From RFC 5246:

  Note: some server implementations are known to implement version
  negotiation incorrectly.  For example, there are buggy TLS 1.0
  servers that simply close the connection when the client offers a
  version newer than TLS 1.0.  Also, it is known that some servers will
  refuse the connection if any TLS extensions are included in
  ClientHello.  Interoperability with such buggy servers is a complex
  topic beyond the scope of this document, and may require multiple
  connection attempts by the client.

An attacker that can insert themselves between client and server can cause a negotiation failure - causing the client or server to negotiate a weaker protocol/cipher combination - so it's still important to disable weak cipher suites on the server, especially with browsers as old as IE 6 or 7 still kicking around.
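
An added example, not part of the comment above: one way to enforce the server-side floor the comment recommends and to audit the result, using Python's standard `ssl` module. The TLS 1.2 minimum, the cipher string and the `WEAK_MARKERS` list are assumptions chosen for illustration, not values from the thread.

```python
import ssl

# Assumed policy for this example: substrings of OpenSSL suite names treated as weak.
WEAK_MARKERS = ("NULL", "EXP", "RC4", "DES", "MD5", "ADH", "AECDH")


def hardened_server_context():
    """Server context that refuses old protocol versions and weak suites.

    A client pushed into a fallback retry by an on-path attacker then has
    nothing weak left to negotiate: the server fails the handshake instead.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2  # assumed floor
    # Forward-secret AEAD suites only; the exclusions are defence in depth.
    ctx.set_ciphers("ECDHE+AESGCM:ECDHE+CHACHA20:!aNULL:!eNULL:!RC4:!3DES:!MD5")
    return ctx


def enabled_suites(ctx):
    """Names of every cipher suite the context will offer or accept."""
    return [c["name"] for c in ctx.get_ciphers()]


def weak_suites(ctx):
    """Enabled suites whose name contains one of the weak markers."""
    return [n for n in enabled_suites(ctx) if any(m in n for m in WEAK_MARKERS)]


def audit(ctx):
    """Summarise what a downgraded client could still negotiate."""
    return {
        "minimum_version": ctx.minimum_version.name,
        "suite_count": len(enabled_suites(ctx)),
        "weak": weak_suites(ctx),
    }


if __name__ == "__main__":
    print("hardened:", audit(hardened_server_context()))
    # Library default server context, shown for comparison only.
    print("default: ", audit(ssl.create_default_context(ssl.Purpose.CLIENT_AUTH)))
```

The same `audit` function can be pointed at any existing `SSLContext` to see what it would still accept before it is deployed.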