Bug#730867: iceweasel: ssl_error_no_cypher_overlap error when using ipv6-enabled server with sslv3 disabled
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Mon Dec 2 06:41:19 UTC 2013
On 11/30/2013 09:08 AM, Pierre Emeriaud wrote:
> Package: iceweasel
> Version: 25.0-1
> Severity: important
> Tags: ipv6
>
> When using ipv6, iceaweasel SSL hello is SSLv3, whereas it offers TLSv1 when using ipv4.
>
> This leeds to the ssl_error_no_cypher_overlap error messages if the server has SSLv3 disabled.
Thanks for reporting this bug!
What configuration settings for iceweasel's TLS stack are made in
about:config for the profile experiencing this behavior?
In particular, i'm curious about the values for
security.tls.version.max
security.tls.version.min
see: http://kb.mozillazine.org/Security.tls.version.*
Is there a particular server to which you've been connecting to test
this behavior?
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1027 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-mozilla-maintainers/attachments/20131202/441786a1/attachment.sig>
More information about the pkg-mozilla-maintainers
mailing list