Re: Firefox 38 and Older TLS sites

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On 05/13/2015 06:57 AM, Tris Hoar wrote:
> On 13/05/2015 11:12, Johnny Hughes wrote:
>> All,
>>
>> Red Hat released the source code for Firefox 38.  We have (or willbe
>> today) releasing this for CentOS-5, CentOS-6, and CentOS-7.
>>
>> It does not, by default, connect to https sites with TLS less than 1.2.
>> This means it will not connect to sites on CentOS-5, for example ..
>> there are many others.
>>
>> In any event, here is a wiki article that explains potential issues and
>> workarounds:
>>
>> http://wiki.centos.org/TipsAndTricks/Firefox38onCentOS
>>
> 
> Hi Johnny,
> 
> My reading of https://access.redhat.com/node/1422403 is Firefox 38 will
> connect to sites using TLS 1.0 and 1.1. But ONLY if the server correctly
> negotiates the connection. This should only effect sites that close the
> initial connection due to not understanding TLS 1.2.
> 
> A quick test connecting to a RHEL5 server over HTTPS with Firefox 38
> shows it has established a TLS 1.0 connection so this should not really
> effect CentOS 5.
> 

You are correct, it will not automatically negotiate a downgrade only.
Thank goodness.  Still will impact a lot of sites, but not all non TLS 1.2.

Thanks,
Johnny Hughes

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux