On Wed, 15 Oct 2014 08:31:20 -0700 "T.C. Hollingsworth" <tchollingsworth@xxxxxxxxx> wrote: > On Wed, Oct 15, 2014 at 7:03 AM, Kevin Fenzi <kevin@xxxxxxxxx> wrote: > > Perhaps we can figure out a way to keep SSLv3 enabled, but disable > > ciphers that are susceptable? > > Disabling CBC ciphers should do the trick: > http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html I asked some folks smarter than me, and they seemed to think this was not sufficent. :( kevin
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ infrastructure mailing list infrastructure@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/infrastructure
