On Mon, 2014-10-20 at 16:45 -0700, Julien Pierre wrote: > What is the purpose of Firefox continuing to do any fallback at all ? > IMO, making a second connection with any lower version of SSL/TLS > defeats the intent of the SSL/TLS protocol, which have built-in defenses > against protocol version downgrade. > Isn't it time this fallback gets eliminated at last ?
I'm stating what I found, I'm not making that decision. Kai -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
