IETF Chair <chair@xxxxxxxx> writes:
> For your information, while SSLv3 has been disabled on IETF web
> servers, it has still been enabled on mail transport. The tools is
> taking action to disable SSLv3 even on mail transport. After this, all
> IETF web and mail servers support only TLS-based transport on secure
> connections.
>
> If you have any feedback regarding this, let me or the tools team know.
Have you disabled non-TLS SMTP transport, too?
If not, isn't there a chance that disabling SSLv3 will cause *SOME*
email to fallback to non-encrypted?
> Jari Arkko, IETF Chair
-derek
--
Derek Atkins 617-623-3745
derek@xxxxxxxxx www.ihtfp.com
Computer and Internet Security Consultant