Re: IETF mail server and SSLv3

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> On Feb 26, 2016, at 7:09 PM, Solarus <solarus@xxxxxxxxxxxxx> wrote:
> 
> SSLv2 is no longer used or seen by MTA, so we can reasonably drop it's support.
> But cleartext is still more used than SSLv3, so why would you drop SSLv3 support before forbidding cleartext inbound and outbound your MTA ?

As I mentioned upthread, SSLv3 is also no longer used.  It makes
to not carry around useless baggage that increases the attack
surface and looks bad in audits.  No additional traffic is
protected by enabling SSLv3, the SSLv3-only MTAs are gone from
the public Internet (O.K. a negligible number may remain, but
this is no longer worth the penalty of keeping SSLv3 around).

-- 
	Viktor.





[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]