1.  Home
  2. MIDRANGE-L
  3. May 2020

Re: GSKit SSL Handshake error 406 errno 3406

On Tue, May 19, 2020 at 1:09 PM B Stone <bvstone@xxxxxxxxx> wrote:

Then here's another question. If the server has a huge list of ciphers,
and the client does as well (where 10 out of 20 match), why would the
server settle on using a cipher that the client doesn't support (resulting
in a failed handshake) while there are many others that can be used?


I wasn't entirely paying attention when this conversation started, so not
sure what's happening and what order it's happening in.

It could be a configuration that is trying to avoid downgrade attacks, see
the article I cited on "vulnerabilities".

Or both of you could be confused about what you're actually supporting.

You might try going to the IFS in PASE and exploring the TLS exchange via
the openssl s_client command



As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2025 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.