Comment 42 for bug 1054590

Revision history for this message
In , Hiroshi Miura (miurahr) wrote :

Evernote problem is likely a server problem because openssl and gnutls also fails to connect
with command line utility.

$ openssl s_client -connect www.evernote.com:443
$ gnutls-cli www.evernote.com

both fails to negotiate ssl.

I found result of ' gnutls-cli-debug www.evernote.com' show that

Checking for TLS 1.0 support... yes
Checking for TLS 1.1 support... no
Checking fallback from TLS 1.1 to... failed
Checking for TLS 1.2 support... no

'$ gnutls-cli-debug sandbox.evernote.com' shows

Checking for TLS 1.0 support... yes
Checking for TLS 1.1 support... no
Checking fallback from TLS 1.1 to... SSL 3.0
Checking for TLS 1.2 support... no

and sandbox works fine.

But Evernote client for windows works fine on MS windows7.
Because
1. WIndows 7 don't enable TLS1.1/1.2 by default
2. Windows 7 have a mechanism to fall back(close socket and create new connection) to SSLv3/TLSv1 that is not defined in IETF RFC.

My first proposal is implement (1) but fails to accept. So I take an approach (2).