BEAST and SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Subject: BEAST and SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
From: rsalz@xxxxxxxxxx (Salz, Rich)
Date: Tue, 18 Aug 2015 22:26:24 +0000
In-reply-to: <55D3AF59.3080400@wisemo.com>
References: <d15e52af26bc94e341f8a13fa1bc2cd3@teksavvy.com> <55AF9C0A.2070901@wisemo.com> <1439922693333-59732.post@n7.nabble.com> <679d0147562043e9bab9e48fa20efdd8@ustx2ex-dag1mb2.msg.corp.akamai.com> <1439931975276-59734.post@n7.nabble.com> <55D3AF59.3080400@wisemo.com>

There are *no* secure SSLv3 ciphers.  If you need to support it (for legacy clients), then best you can do is use the "poodle patch," the SCSV indicator which will at least prevents clients that are capable of more from being downgraded.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Follow-Ups:
- BEAST and SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
  - From: Jakob Bohm

References:
- BEAST and SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
  - From: jonetsu
- BEAST and SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
  - From: Jakob Bohm
- BEAST and SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
  - From: jonetsu
- BEAST and SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
  - From: Salz, Rich
- BEAST and SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
  - From: jonetsu
- BEAST and SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
  - From: Jakob Bohm

Prev by Date: BEAST and SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
Next by Date: BEAST and SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
Previous by thread: BEAST and SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
Next by thread: BEAST and SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
Index(es):
- Date
- Thread

[Index of Archives] [Linux ARM Kernel] [Linux ARM] [Linux Omap] [Fedora ARM] [IETF Annouce] [Security] [Bugtraq] [Linux] [Linux OMAP] [Linux MIPS] [ECOS] [Asterisk Internet PBX] [Linux API]

Powered by Linux