On Wed, Apr 03, 2024 at 09:23:26AM +0300, Levente Birta via Postfix-users wrote:
> > The other possibility, is that the client never tried TLS 1.3, and was > > implemented by a clueless keyboard-monkey, who decided to always send > > the fallback SCSV even though there was no fallback. That's sad, if > > true. > > As I said, this is an old (2019/2020) Dahua DVR ... I have doubts that this > DVR supports TLSv1.3, although I don't remember when TLSv1.3 became largely > used. https://www.rfc-editor.org/rfc/rfc7507.html deined the fallback SCSV in April 2015. https://datatracker.ietf.org/doc/html/rfc8446, defining TLS 1.3, was published in August 2018. If the DVR does not support or attempt to negotiate TLS 1.3, its use of the fallback SCSV is spectactacularly clueless. :-( -- Viktor. _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org