Open Bug 1089906 Opened 10 years ago Updated 2 years ago

the histogram data from SSL_VERSION_FALLBACK_INAPPROPRIATE indicates we're encountering an error we're not handling in tlsIntoleranceTelemetryBucket

Categories

(Core :: Security: PSM, defect, P3)

People

(Reporter: keeler, Unassigned)

Details

(Whiteboard: [psm-backlog])

tlsIntoleranceTelemetryBucket returns 0 if given an error it doesn't know about. The histogram data for SSL_VERSION_FALLBACK_INAPPROPRIATE shows that we're encountering an error that function doesn't know about 50-60% of the time.
http://telemetry.mozilla.org/#filter=nightly%2F36%2FSSL_VERSION_FALLBACK_INAPPROPRIATE&aggregates=multiselect-all!Submissions&evoOver=Builds&locked=true&sanitize=true&renderhistogram=Graph
The only path I can see that would trigger this logic is a two-step fallback (1.2->1.1->1.0). With the current code, we actually step up a version at a time when we see inappropriate_fallback alerts, but clear the fallback reason code on the first step-up (1.0->1.1). The subsequent attempt to connect on 1.1 will trigger the alert. That is something that bug 1088950 is going to fix. But the numbers are relatively high, and the scenario seems like it might be a bit hard to trigger.
Looks like this is happening about 30% of the time now.
Whiteboard: [psm-backlog]
Priority: -- → P3
Severity: normal → S3
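
The two-step scenario described in the comments above, as a toy model added here (not code from Firefox or PSM). The enum values, bucket numbers, `HostState`, `serverReply` and `simulate` are constructed for illustration; only "unknown reason maps to bucket 0", "step up one version per alert" and "clear the reason on the first step-up" come from the report.

```cpp
#include <cstdint>
#include <cstdio>
#include <vector>

// Constructed stand-ins; these are not the real NSS error codes or bucket numbers.
enum Reason { kNone, kConnectionReset, kInappropriateFallback };

// Same shape as the function in the report: anything it does not know maps to 0.
static uint32_t bucketFor(Reason r) { return r == kConnectionReset ? 1 : 0; }

struct HostState {
  int maxVersion;  // highest version still offered: 10, 11 or 12 (TLS 1.0/1.1/1.2)
  Reason reason;   // remembered cause of the fallback below 1.2
};

// Toy server: supports TLS 1.2 and rejects any fallback attempt below that.
static Reason serverReply(int offered, bool flaky) {
  if (flaky) return kConnectionReset;  // transient failure, unrelated to version
  return offered < 12 ? kInappropriateFallback : kNone;
}

// Returns the bucket recorded at each inappropriate_fallback alert, in order.
std::vector<uint32_t> simulate(bool clearReasonOnStepUp) {
  HostState st{12, kNone};
  std::vector<uint32_t> recorded;
  int flakyAttempts = 2;  // two transient resets drive 1.2 -> 1.1 -> 1.0
  for (int i = 0; i < 10; ++i) {
    Reason r = serverReply(st.maxVersion, flakyAttempts-- > 0);
    if (r == kNone) break;  // handshake succeeded
    if (r == kInappropriateFallback) {
      recorded.push_back(bucketFor(st.reason));  // telemetry sample
      ++st.maxVersion;                           // step up one version
      if (clearReasonOnStepUp) st.reason = kNone;
    } else {
      --st.maxVersion;  // fall back one version and remember why
      st.reason = r;
    }
  }
  return recorded;
}

int main() {
  for (bool clear : {true, false}) {
    std::printf("clearReasonOnStepUp=%d:", clear);
    for (uint32_t b : simulate(clear)) std::printf(" %u", (unsigned)b);
    std::printf("\n");
  }
}
```

The `false` run is a contrast case only and does not describe the change made in bug 1088950.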