AnsweredAssumed Answered

Does Microsoft-IIS 6 really supports TLS_FALLBACK_SCSV?

Question asked by j-mailor on Dec 12, 2016
Latest reply on Dec 14, 2016 by Bhushan Lokhande

I have done few tests, but I am very sure IIS did not support TLS_FALLBACK_SCSV, but now it is displayed in and as green and getting A+ grade.


Maybe this is related to announcement [1]: Given that the recent change to TLS 1.3 means that future protocol downgrades will be avoided, we will consider removing the requirement for TLS_FALLBACK_SCSV for A+.


But despite of that, if TLS_FALLBACK_SCSV is not supported is should not get in green colour.