Tongsuo
How can a client suggest both TLS and NTLS ciphers in the ClientHello message?
Hi, if we call openssl s_client -connect 1.1.1.1:443 -enable_ntls -cipher RSA:ECC-SM2-SM4-GCM-SM3
the client will send a Hello with TLS ciphers only.
If we add the -ntls flag, it will suggest NTLS ciphers only.
How can we have both in the same Hello?
Please advise, thank you!
NTLS (TLCP) has its own available cipher suites, which are not compatible with TLS.
So it's impractical to have both in the same ClientHello message.
Client must decide whether to use NTLS or TLS, and relevant cipher suites.
It is a requirement of some customers. Their browser behaves like that: by sending NTLS ciphers in a TLS Hello, it indicates its ability to support both protocols.
On Mon, Feb 7, 2022 at 4:29 AM K1 @.***> wrote:
> NTLS (TLCP) has its own available cipher suites, which are not compatible with TLS.
> So it's impractical to have both in the same ClientHello message.
> Client must decide whether to use NTLS or TLS, and relevant cipher suites.
I think BabaSSL as a client can do such a retry: if the NTLS handshake fails, it can re-establish the handshake with TLS. I'll give it a try.