Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

crypto/tls: Add SSL 3.0 support #1703

gopherbot opened this issue Apr 14, 2011 · 2 comments

crypto/tls: Add SSL 3.0 support #1703

gopherbot opened this issue Apr 14, 2011 · 2 comments


Copy link

@gopherbot gopherbot commented Apr 14, 2011

by was seeing 10%-15% of our users fail to connect to our https servers due
to the browser using SSL 3.0 instead of TLS 1.0. agl speculates that this might occur
both due to misconfigurations and due to browser automatically downgrading from TLS 1.0
to SSL 3.0.

For sites running https a recommendation would be to monitor any http/https transitions
to try to verify how much of their population is running into this issue.

As per offline discussion, please file this bug against agl to track adding SSL 3.0
support to crypto/tls.

This comment has been minimized.

Copy link

@robpike robpike commented Apr 14, 2011

Comment 1:

Labels changed: added packagechange, security.

Owner changed to @agl.

Status changed to Accepted.


This comment has been minimized.

Copy link

@agl agl commented Sep 14, 2011

Comment 2:

This issue was closed by revision a775fbf.

Status changed to Fixed.

@mikioh mikioh changed the title Add SSL 3.0 support to crypto/tls crypto/tls: Add SSL 3.0 support Jan 14, 2015
@golang golang locked and limited conversation to collaborators Jun 24, 2016
FiloSottile pushed a commit to FiloSottile/go that referenced this issue Oct 12, 2018
It would be nice not to have to support this since all the clients
that we care about support TLSv1 by now. However, due to buggy
implementations of SSLv3 on the Internet which can't do version
negotiation correctly, browsers will sometimes switch to SSLv3. Since
there's no good way for a browser tell a network problem from a buggy
server, this downgrade can occur even if the server in question is
actually working correctly.

So we need to support SSLv3 for robustness :(

Fixes golang#1703.

This issue was closed.
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
3 participants
You can’t perform that action at this time.