Donald Stufft added the comment: That's not entirely true unfortunately :(
There are downgrade attacks that work all the way up through TLS 1.2. These are not strictly a problem of the protocol specs but instead of the implementations. See: https://crypto.stackexchange.com/questions/10493/why-is-tls-susceptible-to-protocol-downgrade-attacks The general gist of it is some servers/firewalls/etc have buggy implementations that cause a TLS1.0+ handshake to fail and some clients (browsers being a big one) decided to handle this by restarting the connection with SSL3.0 instead of TLS1.0+. So thus it is possible to effectively downgrade a client, even one that supports TLS1.2. It is not however possible to do it within a single connection. The version selection process should not be considered a security feature but should instead be looked at as a way to opportunistically add newer features. ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue21013> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com