in reply to Re: if SSLv3 is disabled, why does LWP::UserAgent request indicate successful SSLv3 handshake?
in thread if SSLv3 is disabled, why does LWP::UserAgent request indicate successful SSLv3 handshake?

OK yes I get the same results as you do, so that's a repro without using Perl.

I've heard that "TLS uses SSL certificates" (e.g. https://learntomato.com/what-is-a-vpn/ ). Although I'm not clear on the mechanics, is that what's going on -- TLS is a different protocol but it uses the public/private keys baked into SSLv3 certificates, and when the debug messages refer to "SSLv3", that's what they're referring to?
  • Comment on Re^2: if SSLv3 is disabled, why does LWP::UserAgent request indicate successful SSLv3 handshake?

Replies are listed 'Best First'.
Re^3: if SSLv3 is disabled, why does LWP::UserAgent request indicate successful SSLv3 handshake?
by rizzo (Curate) on May 24, 2018 at 15:09 UTC
    As far as I know, they're using the same cipher suites.
    Why the debug messages refer to SSlv3 although TLS is used for the connection, no clue, sorry.
[reply]

In Section Seekers of Perl Wisdom