http://bugs.winehq.org/show_bug.cgi?id=30598
--- Comment #39 from Hiroshi Miura miurahr@linux.com 2012-10-27 21:49:28 CDT --- Evernote problem is likely a server problem because openssl and gnutls also fails to connect with command line utility.
$ openssl s_client -connect www.evernote.com:443 $ gnutls-cli www.evernote.com
both fails to negotiate ssl.
I found result of ' gnutls-cli-debug www.evernote.com' show that
Checking for TLS 1.0 support... yes Checking for TLS 1.1 support... no Checking fallback from TLS 1.1 to... failed Checking for TLS 1.2 support... no
'$ gnutls-cli-debug sandbox.evernote.com' shows
Checking for TLS 1.0 support... yes Checking for TLS 1.1 support... no Checking fallback from TLS 1.1 to... SSL 3.0 Checking for TLS 1.2 support... no
and sandbox works fine.
But Evernote client for windows works fine on MS windows7. Because 1. WIndows 7 don't enable TLS1.1/1.2 by default 2. Windows 7 have a mechanism to fall back(close socket and create new connection) to SSLv3/TLSv1 that is not defined in IETF RFC.
My first proposal is implement (1) but fails to accept. So I take an approach (2).