Message 79364 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	giampaolo.rodola
Recipients	giampaolo.rodola, janssen
Date	2009-01-07.19:15:22
SpamBayes Score	0.25227517
Marked as misclassified	No
Message-id	<1231355724.37.0.677155354015.issue4870@psf.upfronthosting.co.za>
In-reply-to

Content
> Actually, that's not quite true. > Specifying TLSv1 or SSLv3 on the > server side will disable SSLv2. There are use cases like FTPS where it is desirable that servers support SSLv3 and TLSv1. To do that by using OpenSSL SSLv23 protocol must be specified and SSLv2 must be explicitly disabled afterward. As far as I've understood, using SSLv23 on the server sides means that when the client connects it could decide whether using SSLv2, SSLv3 or TLSv1.

> Actually, that's not quite true.  
> Specifying TLSv1 or SSLv3 on the
> server side will disable SSLv2.

There are use cases like FTPS where it is desirable that servers support
SSLv3 *and* TLSv1.
To do that by using OpenSSL SSLv23 protocol must be specified and SSLv2
must be explicitly disabled afterward.
As far as I've understood, using SSLv23 on the server sides means that
when the client connects it could decide whether using SSLv2, SSLv3 or
TLSv1.

History
Date	User	Action	Args
2009-01-07 19:15:24	giampaolo.rodola	set	recipients: + giampaolo.rodola, janssen
2009-01-07 19:15:24	giampaolo.rodola	set	messageid: <1231355724.37.0.677155354015.issue4870@psf.upfronthosting.co.za>
2009-01-07 19:15:23	giampaolo.rodola	link	issue4870 messages
2009-01-07 19:15:22	giampaolo.rodola	create