zlacker

[return to "BlueCoat and other proxies hang up during TLS 1.3"]
1. JoshTr+w[view] [source] 2017-02-28 01:38:28
>>codero+(OP)
Note that this happens even when using a BlueCoat proxy in non-MITM mode. BlueCoat tries to "analyze" TLS connections, and rejects anything it doesn't understand. This exact issue occurred with TLS 1.2 back when BlueCoat only understood 1.1/1.0.

In this case, it doesn't sound like they're reverting it because of overall breakage, but rather because it breaks the tool that would otherwise be used to control TLS 1.3 trials and other configuration. Firefox had a similar issue, where they temporarily used more conservative settings for their updater than for the browser itself, to ensure that people could always obtain updates that might improve the situation.

◧◩
2. quotem+d1[view] [source] 2017-02-28 01:50:07
>>JoshTr+w
Ridiculously conservative middleboxes are why we can't have nice things and why we need to encrypt all new protocols, security properties aside.
◧◩◪
3. jlgadd+fk[view] [source] 2017-02-28 06:04:35
>>quotem+d1
[ off-topic comment deleted ]
◧◩◪◨
4. kbart+un[view] [source] 2017-02-28 06:53:50
>>jlgadd+fk
Probably you have already (mis)clicked (down)vote button on this comment before. It's easy to do accidentally, especially on touchscreen.
◧◩◪◨⬒
5. jlgadd+po[view] [source] 2017-02-28 07:08:52
>>kbart+un
I was pretty sure that wasn't it. I noticed it as soon as I first saw the comment.

That's the simplest explanation, though, so that's probably what happened. Oh well.

[go to top]