How can one tell if the SSL communication between a client and a server is SSLv2 or SSLv3?
+1
A:
On the SSL protocol level, the second byte of the header contains the major version of the protocol, which is 3 for SSLv3/TLS, presumably 2 for SSLv2. Note that the client sends the highest version it supports in its ClientHello message, and the server responds with the version it chose (which may be lower) in the ServerHello message.
Of course, you should work with an API that allows you to query the version without getting down to the protocol level.
Michael Borgwardt
2009-01-15 15:38:31