Question about QSslCipher::protocolString

Richard Moore richmoore44 at gmail.com
Wed Oct 22 21:11:56 BST 2014


Yes, this is why I implemented https://codereview.qt-project.org/#/c/80470/

Rich.


On 21 October 2014 23:20, Thomas L├╝bking <thomas.luebking at gmail.com> wrote:

> On Dienstag, 21. Oktober 2014 21:24:33 CEST, Dawit A wrote:
>
>> I think this whole problem came about as a result of a misunderstanding?
>> [...]
>> So the protocol string in the cipher is merely a historical information as
>> to when that cipher was first defined and not meant to convey the current
>> connection's protocol!
>>
> Fits, since no new ciphers were introduced w/ TLSv1.1
>
> It's however a bit "nasty", since it's not stated explicitly and
> apparently there's no way to tell the used protocol then (QSslSocket is on
> "7" which is "QSsl::SecureProtocols", the default)
>
>  What this means for the example case of
>> blog.mozilla.org is that a valid TLSv1.1 connection was established
>> using a
>> cipher that was first defined under SSL/TLS protocol SSLv3.
>>
>
> Yes, I can confirm that the test app connects blog.mozilla.com via
> TLSv1.1 here. (Good reason to check whether one can dump wireshark-gtk for
> everyday usage: yes, one can ;-)
>
> Cheers,
> Thomas
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20141022/c243954f/attachment.htm>


More information about the kde-core-devel mailing list