[erlang-questions] New SSL option to set TLS record version?
Ryan Stewart
zzantozz@REDACTED
Wed May 9 17:30:35 CEST 2018
I've run across a faulty SSL server implementation that appears to send a
"handshake failure" alert if the ClientHello protocol version isn't equal
to the TLS record version. In Erlang, different major versions choose the
TLS record version differently. None of them are wrong according the TLS
spec, but some of them break when I'm trying to connect to these bad server
implementations.
What do you think of adding a new ssl_option like
"client_hello_tls_record_version" to let us explicitly set the version to
be used? Ideally, it would support values like 'tlsv1', 'tlsv1_2',
'lowest', 'highest', and 'same_as_client_hello', for example.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20180509/787b64f8/attachment.htm>
More information about the erlang-questions
mailing list