Question about QSslCipher::protocolString

Thomas Lübking thomas.luebking at gmail.com
Tue Oct 21 23:20:40 BST 2014


On Dienstag, 21. Oktober 2014 21:24:33 CEST, Dawit A wrote:
> I think this whole problem came about as a result of a misunderstanding?
> [...]
> So the protocol string in the cipher is merely a historical information as
> to when that cipher was first defined and not meant to convey the current
> connection's protocol!
Fits, since no new ciphers were introduced w/ TLSv1.1

It's however a bit "nasty", since it's not stated explicitly and apparently there's no way to tell the used protocol then (QSslSocket is on "7" which is "QSsl::SecureProtocols", the default)

> What this means for the example case of
> blog.mozilla.org is that a valid TLSv1.1 connection was established using a
> cipher that was first defined under SSL/TLS protocol SSLv3.

Yes, I can confirm that the test app connects blog.mozilla.com via TLSv1.1 here. (Good reason to check whether one can dump wireshark-gtk for everyday usage: yes, one can ;-)

Cheers,
Thomas






More information about the kde-core-devel mailing list