How can we improve the Microsoft Edge developer experience?

Support TLS_FALLBACK_SCSV for preventing protocol downgrade attacks

As described in this article:
http://www.exploresecurity.com/poodle-and-the-tls_fallback_scsv-remedy/
TLS_FALLBACK_SCSV is an effective remedy for protocol downgrade attacks on TLS. Without it possible MITM can force the server to use weaker protocol version instead of the best supported protocol signaled by the client.

Chrome and Firefox support it on client-side, except Edge and IE, and lot of top web sites support it on server-side as well.

74 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Martin Suchan shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

    2 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      Submitting...

      Feedback and Knowledge Base