Discussion:
which SSL client protocols work with which server protocols?
Bill Janssen
2007-09-08 16:51:41 UTC
I've now built a framework in test_ssl to test all client protocols
(SSL2, SSL3, SSL23, TLS1) against all server protocols, and here's
what I've come up with. Servers are along the X axis, and clients are
on the Y axis. "Yes" means that that client protocol can talk to that
server protocol.

        SSL2   SSL3   SSL23  TLS1
SSL2    yes    no     no     no
SSL3    yes    yes    yes    no
SSL23   no     no     yes    no
TLS1    no     no     yes    yes

I'm a bit surprised by the facts that (1) an SSL2 client can't connect
to an SSL23 server, and (2) an SSL23 client can *only* connect to an
SSL23 server. Can anyone verify that these combos (the results of
testing with the Python framework) are indeed to be expected?

Bill
Bill Janssen
2007-09-10 17:30:54 UTC
Post by Bill Janssen
> I've now built a framework in test_ssl to test all client protocols
> (SSL2, SSL3, SSL23, TLS1) against all server protocols, and here's
> what I've come up with. Servers are along the X axis, and clients are
> on the Y axis. "Yes" means that that client protocol can talk to that
> server protocol.
>
>         SSL2   SSL3   SSL23  TLS1
> SSL2    yes    no     no     no
> SSL3    yes    yes    yes    no
> SSL23   no     no     yes    no
> TLS1    no     no     yes    yes
>
> I'm a bit surprised by the facts that (1) an SSL2 client can't connect
> to an SSL23 server, and (2) an SSL23 client can *only* connect to an
> SSL23 server. Can anyone verify that these combos (the results of
> testing with the Python framework) are indeed to be expected?

Sure enough, in testing on my FC7 platform, which has a more modern
version of OpenSSL (0.9.8e instead of the older 0.9.7l platform I was
using), an SSL2 client *can* connect to an SSL23 server. And I got
one of the above entries wrong: an SSL23 client can connect to an SSL2
server.

I guess in the test harness, I'll just note the discrepancy, but not
fail the test either way. And I'll add a note to the documentation.

Bill
Bill Janssen
2007-09-10 18:44:30 UTC
Here's the updated connection table:

        SSL2   SSL3   SSL23  TLS1
SSL2    yes    no     yes    no
SSL3    yes    yes    yes    no
SSL23   yes    no     yes    no
TLS1    no     no     yes    yes

Given this, I think the client-side default should be changed from
SSLv23 to SSLv3, and the server-side default should be SSLv23.

Bill
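The corrected matrix above, and the recommendation drawn from it (a version-flexible server, a fixed client), can be checked against a simple negotiation model. The following is an added example, not code from the thread or from test_ssl; it assumes each OpenSSL protocol method admits a fixed set of wire versions and that a handshake succeeds on the highest version both sides admit, then flags the cells where Bill's measurements disagree with that model.

```python
# Added example, not code from the thread or from CPython's test_ssl.
# Models each OpenSSL protocol "method" as the set of wire versions that side
# is willing to speak, and derives the interoperability matrix one would
# expect from plain version negotiation (highest version both sides admit).
# The version sets below are this example's assumption, not OpenSSL's code.

VERSIONS = ["SSL2", "SSL3", "TLS1"]          # oldest to newest

METHODS = {
    "SSL2": {"SSL2"},
    "SSL3": {"SSL3"},
    "SSL23": {"SSL2", "SSL3", "TLS1"},       # version-flexible method
    "TLS1": {"TLS1"},
}

def negotiate(client, server):
    """Highest version both methods admit, or None when no handshake is possible."""
    common = METHODS[client] & METHODS[server]
    return max(common, key=VERSIONS.index) if common else None

def expected_matrix():
    """Client methods on rows, server methods on columns, as in the thread's table."""
    return {c: {s: "yes" if negotiate(c, s) else "no" for s in METHODS} for c in METHODS}

# Bill's corrected measurements (OpenSSL 0.9.8e) from the post above, same layout.
OBSERVED = {
    "SSL2":  {"SSL2": "yes", "SSL3": "no",  "SSL23": "yes", "TLS1": "no"},
    "SSL3":  {"SSL2": "yes", "SSL3": "yes", "SSL23": "yes", "TLS1": "no"},
    "SSL23": {"SSL2": "yes", "SSL3": "no",  "SSL23": "yes", "TLS1": "no"},
    "TLS1":  {"SSL2": "no",  "SSL3": "no",  "SSL23": "yes", "TLS1": "yes"},
}

def discrepancies(observed):
    """Cells where the measured table disagrees with the negotiation model."""
    expected = expected_matrix()
    return sorted((c, s, observed[c][s], expected[c][s])
                  for c in observed for s in observed[c]
                  if observed[c][s] != expected[c][s])

def format_table(matrix):
    """Render a matrix in the thread's layout: blank corner, servers across, clients down."""
    cols = list(METHODS)
    rows = ["{:7}".format("") + "".join("{:7}".format(s) for s in cols)]
    for c in cols:
        rows.append("{:7}".format(c) + "".join("{:7}".format(matrix[c][s]) for s in cols))
    return "\n".join(rows)

if __name__ == "__main__":
    print(format_table(expected_matrix()))
    for client, server, seen, model in discrepancies(OBSERVED):
        print(f"{client} client -> {server} server: observed {seen}, model says {model}")
```

The three cells the model cannot explain (SSL3 client to SSL2 server, and SSL23 client to SSL3 or TLS1 server) are exactly the ones worth re-measuring on another OpenSSL build before baking either answer into a test.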
Matt Goodall
2007-09-11 11:59:51 UTC
Post by Bill Janssen
>         SSL2   SSL3   SSL23  TLS1
> SSL2    yes    no     yes    no
> SSL3    yes    yes    yes    no
> SSL23   yes    no     yes    no
> TLS1    no     no     yes    yes
>
> Given this, I think the client-side default should be changed from
> SSLv23 to SSLv3, and the server-side default should be SSLv23.
I believe you are correct.

I did some experiments with this a while ago after hitting problems
connecting to some SSL servers, although I can't remember the exact
results now.

More importantly, what you recommend is what Twisted does and I'd
believe them more than me any time ;-).

See Twisted's DefaultOpenSSLContextFactory [1] for the server side and
ClientContextFactory [2] for the client side.


Cheers, Matt


[1] DefaultOpenSSLContextFactory,
http://twistedmatrix.com/trac/browser/trunk/twisted/internet/ssl.py#L67

[2] ClientContextFactory,
http://twistedmatrix.com/trac/browser/trunk/twisted/internet/ssl.py#L102
--
Matt Goodall, Pollenation Internet Ltd
Technology House, 237 Lidgett Lane, Leeds LS17 6QR
Registered No 4382123
A member of the Brunswick MCL Group of Companies
w: http://www.pollenation.net/
e: ***@pollenation.net
t: +44 113 2252500