Hi all,
On 29.10.19 14:15, Jeremy Stanley wrote:
> On 2019-10-29 13:29:02 +0100 (+0100), Michael Kesper wrote:
>> On 27.10.19 17:27, Drew Parsons wrote:
>>> On 2019-10-27 23:13, Daniele Tricoli wrote:
> [...]
Not an expert here, but I think fallback is not done on
purpose due to downgrade a
On 2019-10-29 13:29:02 +0100 (+0100), Michael Kesper wrote:
> On 27.10.19 17:27, Drew Parsons wrote:
> > On 2019-10-27 23:13, Daniele Tricoli wrote:
[...]
> > > Not an expert here, but I think fallback is not done on
> > > purpose due to downgrade attacks:
> > > https://en.wikipedia.org/wiki/Downgrade
Hi,
On Tue, 29. 10. 2019 at 13:29, Michael Kesper wrote:
> > I see. Still an odd kind of protection though. The attacker can just
> > downgrade themselves.
>
> No. A sensible server will not talk to you if your requested SSL version
> is too low.
> pub.orcid.org seems to use absolutely outda
Hi all,
On 27.10.19 17:27, Drew Parsons wrote:
> On 2019-10-27 23:13, Daniele Tricoli wrote:
>> On Sun, Oct 13, 2019 at 10:31:31PM +0800, Drew Parsons wrote:
>>> It conditionally works. Using curl, I found that TLSv1_0 or TLSv1_1 will
>>> support a successful connection, but only if the maximum S
On 2019-10-27 23:13, Daniele Tricoli wrote:
On Sun, Oct 13, 2019 at 10:31:31PM +0800, Drew Parsons wrote:
It conditionally works. Using curl, I found that TLSv1_0 or TLSv1_1 will
support a successful connection, but only if the maximum SSL_VERSION is
constrained to TLSv1_0 or TLSv1_1 (e.g. cur
On Sun, Oct 13, 2019 at 10:31:31PM +0800, Drew Parsons wrote:
> It conditionally works. Using curl, I found that TLSv1_0 or TLSv1_1 will
> support a successful connection, but only if the maximum SSL_VERSION is
> constrained to TLSv1_0 or TLSv1_1 (e.g. curl -v --tlsv1.1 --tls-max 1.1
> https://pub
Daniele wrote:
I hope to have the time to investigate also this:
urllib3/contrib/pyopenssl.py
contains code to have SSL with SNI_-support for Python 2 and it depends on
pyOpenSSL, cryptography and idna. Maybe looking at them can give us
more clues.
Also, could you see if using Python3 the con
Hi Drew,
On 12/10/2019 07:57, Drew Parsons wrote:
> Hi Daniele, just letting you know I uploaded python-urllib3 1.25.6 to
> experimental.
Thanks for taking care of urllib3.
> I was having some SSL trouble connecting to https://pub.orcid.org. The error
> trace cited urllib3/contrib/pyopenssl.py,
Hi Daniele, just letting you know I uploaded python-urllib3 1.25.6 to
experimental.
I was having some SSL trouble connecting to https://pub.orcid.org. The
error trace cited urllib3/contrib/pyopenssl.py, so I downloaded and
installed python-urllib3 1.25.6 to see if updates to default SSL/TLS
9 matches