
Server always downgrades TLS version from 1.1 to 1.0 when it handles ClientHello

Open mass85 opened this issue 3 years ago • 0 comments

When the TLS server receives a ClientHello with version v1.1 (the default), it tries to determine which version it should use. The server does this incorrectly and always decides to use v1.0, although there is no reason not to use v1.1; as a result, the security level is decreased.

mass85, Apr 04 '22 11:04
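A way to check a captured handshake for the behaviour reported above, as an added example that is not part of the issue and not forge's code. It applies the ServerHello rule from RFC 4346 section 7.4.1.3 (server_version is the lower of the client's offer and the server's highest supported version); the function names are hypothetical, and the sample records are constructed and truncated after the random field.

```javascript
// Two-byte wire values for the protocol versions discussed in the issue.
const TLS_1_0 = 0x0301;
const TLS_1_1 = 0x0302;

// Read the version field of a ClientHello (type 1) or ServerHello (type 2)
// from a raw TLS record: 5-byte record header, 4-byte handshake header,
// then the 2-byte client_version / server_version.
function helloVersion(record, expectedType) {
  if (record.length < 11) throw new Error('record too short');
  if (record[0] !== 0x16) throw new Error('not a handshake record');
  if (record[5] !== expectedType) throw new Error('unexpected handshake type');
  return (record[9] << 8) | record[10];
}

// The version a conforming server should answer with.
function expectedVersion(clientOffer, serverMax) {
  return Math.min(clientOffer, serverMax);
}

// Compare what the server chose against what it should have chosen.
// serverMax is the highest version the server is configured to support.
function checkNegotiation(clientHello, serverHello, serverMax) {
  const offered = helloVersion(clientHello, 1);
  const chosen = helloVersion(serverHello, 2);
  const expected = expectedVersion(offered, serverMax);
  return { offered, chosen, expected, downgraded: chosen < expected };
}

// Constructed sample record: headers, version, zeroed 32-byte random.
function sampleHello(type, version) {
  const body = [version >> 8, version & 0xff, ...new Array(32).fill(0)];
  const handshake = [type, 0, 0, body.length, ...body];
  return Uint8Array.from([0x16, 0x03, 0x01, 0, handshake.length, ...handshake]);
}

// Client offers 1.1, server supports 1.1 but answers 1.0: flagged.
const demoResult = checkNegotiation(
  sampleHello(1, TLS_1_1), sampleHello(2, TLS_1_0), TLS_1_1);
console.log(demoResult.downgraded ? 'unnecessary downgrade' : 'ok');
```

A server whose highest supported version really is 1.0 is not flagged, because the expected version is then 1.0 as well.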