Message 214500 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	alex
Recipients	alex, christian.heimes, dstufft, pitrou
Date	2014-03-22.18:19:21
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1395512361.39.0.194657167295.issue21013@psf.upfronthosting.co.za>
In-reply-to

Content
Unfortunately most TLS implementations (particularly those in browser stacks) are vulnerable to downgrade attacks, whereby an attacker can send some malicious packets to simulate a connection failure and cause a lower version of the protocol to be negotiated, https://crypto.stackexchange.com/questions/10493/why-is-tls-susceptible-to-protocol-downgrade-attacks has some info on it. As a result, whenever possible it's really desirable to completely disallow as many poor choices as possible.

Unfortunately most TLS implementations (particularly those in browser stacks) are vulnerable to downgrade attacks, whereby an attacker can send some malicious packets to simulate a connection failure and cause a lower version of the protocol to be negotiated, https://crypto.stackexchange.com/questions/10493/why-is-tls-susceptible-to-protocol-downgrade-attacks has some info on it. As a result, whenever possible it's really desirable to completely disallow as many poor choices as possible.

History
Date	User	Action	Args
2014-03-22 18:19:21	alex	set	recipients: + alex, pitrou, christian.heimes, dstufft
2014-03-22 18:19:21	alex	set	messageid: <1395512361.39.0.194657167295.issue21013@psf.upfronthosting.co.za>
2014-03-22 18:19:21	alex	link	issue21013 messages
2014-03-22 18:19:21	alex	create