Author vstinner
Recipients Arfrever, Lukasa, alex, christian.heimes, dstufft, giampaolo.rodola, janssen, martius, pitrou, vstinner
Date 2014-10-15.12:03:12
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <>
I read the table explaining how SSL/TLS is negociated between the client and the server:

I don't understand how I can ask to "use TLS, prefer the most recent version, but don't use SSL"? Should I use TLSv1 which only works with TLS version 1.0? Or TLSv12 and bet that the server implements this newer TLS version?

create_default_context() uses PROTOCOL_SSLv23 with OP_NO_SSLv2 and OP_NO_SSLv3. I don't understand: we ask to use "SSL version 2 or 3" but we disable SSLv2 and SSLv3?

If the client uses PROTOCOL_SSLv23, does it mean that TLS will never be tried?
Date User Action Args
2014-10-15 12:03:12vstinnersetrecipients: + vstinner, janssen, pitrou, giampaolo.rodola, christian.heimes, Arfrever, alex, dstufft, Lukasa, martius
2014-10-15 12:03:12vstinnersetmessageid: <>
2014-10-15 12:03:12vstinnerlinkissue22638 messages
2014-10-15 12:03:12vstinnercreate