TLS tests with login.live.com
TLS tests from the Atlas probes work for me, for every server... *but* login.live.com, for which I always get timeouts (it works with other TLS clients). Measurement #8775150 if someone has an idea...
On Mon, May 29, 2017 at 01:41:45PM +0200, Stephane Bortzmeyer <bortzmeyer@nic.fr> wrote a message of 5 lines which said:
TLS tests from the Atlas probes work for me, for every server... *but* login.live.com, for which I always get timeouts (it works with other TLS clients).
Could it be related to this error <https://twitter.com/wiganshale/status/869141059682660352> which is reported by many people on the socnets today? The Atlas probe checks the OCSP answer?
On 2017/05/29 13:53 , Stephane Bortzmeyer wrote:
On Mon, May 29, 2017 at 01:41:45PM +0200, Stephane Bortzmeyer <bortzmeyer@nic.fr> wrote a message of 5 lines which said:
TLS tests from the Atlas probes work for me, for every server... *but* login.live.com, for which I always get timeouts (it works with other TLS clients).
Could it be related to this error <https://twitter.com/wiganshale/status/869141059682660352> which is reported by many people on the socnets today?
The Atlas probe checks the OCSP answer?
Hi Stephane, No, the Atlas code is nowhere near advanced enough to do that. My guess is that the measurement code sends something the other side doesn't like and then the server responds with something the Atlas code doesn't understand. Philip
On Mon, May 29, 2017 at 01:58:13PM +0200, Philip Homburg <philip.homburg@ripe.net> wrote a message of 24 lines which said:
No, the Atlas code is nowhere near advanced enough to do that.
OK, but the coincidence is funny :-)
My guess is that the measurement code sends something the other side doesn't like and then the server responds with something the Atlas code doesn't understand.
Any way to debug it in more detail?
On 2017/05/29 14:02 , Stephane Bortzmeyer wrote:
My guess is that the measurement code sends something the other side doesn't like and then the server responds with something the Atlas code doesn't understand.
Any way to debug it in more detail?
I guess the first step would be look at the interaction in wireshark to see what the server is sending back. Note that at the moment, the probes do not include any SNI information. But a quick test suggests that that is not the cause of the problem. Philip
participants (2)
-
Philip Homburg -
Stephane Bortzmeyer