* Sean Mullan: > Can you give more info as to why SSLv3.0 is being used since it has well > documented security weaknesses and should really no longer be used anymore?
I think the SSLv3.0-compatible client hello is not in itself inherently unsafe, at least as long as the client is not willing to actually negotiate SSLv3.0. In the past, there were load balancers which could handle SSLv3.0-compatible hellos, but not much else. The actual backend server would negotiate something more recent off the legacy hello. I have no idea whether these workarounds are still needed in practice. However, I remember that past OpenJDK versions more or less defaulted to sending such client hellos. If these clients are in principle able to negotiate TLS 1.0 (or maybe even something newer), accepting that in FIPS mode as well would be nice.
