Copying Kurt Roeckx response to this below (which only went to the openssl-dev list, and not to RT).
Based on Kurt's response I am closing this ticket for now. Please re-open by responding to this email if you still think this is a defect. Matt On Sun, Jul 06, 2014 at 10:18:29AM +0200, Kaufmann Stephan via RT wrote: - TLSCipherSuites: Unknown Cipher { 0x00,0xFF } That is TLS_EMPTY_RENEGOTIATION_INFO_SCSV. Hope, I could explain the problem and you can fix it soon and the fix will be applied soon to all web proxies... I don't see a problem. Your tool doesn't know about some cipher as far as I can see. I'm not sure what is exactly in between, but as far as I can see that is causing the problem and there is nothing wrong with the handshake. The was introduced as part of the secure renegiotation. See RFC 5746. Kurt ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org