Closed Bug 1306672 Opened 8 years ago Closed 6 years ago

Have common handling for downgrade-detection in Randoms for SSLv2 and SSLv3+

Categories

(NSS :: Libraries, defect, P3)

defect

Tracking

(Not tracked)

RESOLVED WORKSFORME

People

(Reporter: ekr, Unassigned)

Details

      No description provided.
 From ssl3_HandleClientHello
    * [draft-ietf-tls-tls13-11 Section 6.3.1.1].
     * TLS 1.3 server implementations which respond to a ClientHello with a
     * client_version indicating TLS 1.2 or below MUST set the last eight
     * bytes of their Random value to the bytes:
     *
     * 44 4F 57 4E 47 52 44 01
     *
     * TLS 1.2 server implementations which respond to a ClientHello with a
     * client_version indicating TLS 1.1 or below SHOULD set the last eight
     * bytes of their Random value to the bytes:
     *
     * 44 4F 57 4E 47 52 44 00
     *
     * TODO(ekr@rtfm.com): Note this change was not added in the SSLv2
     * compat processing code since that will most likely be removed before
     * we ship the final version of TLS 1.3. Bug 1306672.
Priority: -- → P3
Fixed long ago.
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.