TLSV1 and TLSV1.2 coexist issue in wireshark

Asked Mar 27 '15 at 07:25

Active Mar 27 '15 at 11:59

Viewed 1,500 times

I analysed an live camero's net traffic and found that the client uses both TLS1.0 and TLS1.2 in the handshakings while the server only uses TLS1.0.

How can the handshaking uses both TLSV1.0 and TLSV1.2?Is there a reason for doing so?

1.Is TLS1.0 is sufficiently secure?

2.It uses spdy with TLS1.0, can spdy help to make the transferring more secure?

enter image description here

edited Mar 27 '15 at 11:59

StackzOfZtuff

asked Mar 27 '15 at 07:25

vaj oja

Basically duplicate of http://security.stackexchange.com/questions/29314/what-is-the-significance-of-the-version-field-in-a-tls-1-1-clienthello-message . The *record* version in ClientHello is more or less the lowest offered and the *message* version is the highest requested. Once the server chooses and replies, everything else uses that version, or if it's too low the client aborts. – dave_thompson_085 Mar 27 '15 at 08:40
1

So the server only supports TLS1.0 if i understand it correctly. How about the security level of TLS1.0?Is it secure enough? – vaj oja Mar 27 '15 at 08:46
See http://security.stackexchange.com/questions/44275/is-tls-1-0-sufficiently-secure-for-a-bank – Bruno Rohée Mar 27 '15 at 10:19

0 Answers0