On 13/11/14 15:04, Amos Jeffries wrote: > Sounds to me like they are using SSLv3 in their server. Yes but "openssl s_client -tls1" also works, it just appears that openssl cannot negotiate it - it has to be hardwired > Lookup "SSLv3 POODLE" for what is happening in that area. I thought it would be related, so it appears the newest version of openssl cannot talk to some servers that "only" support TLSv1.0? That doesn't sound right... But as you say, once the browsers start breaking, I bet sites will rapidly get upgraded. Hard to believe, but right now the Bank of New Zealand doesn't support TLSv1.1, let alone TLSv1.2! -- Cheers Jason Haar Corporate Information Security Manager, Trimble Navigation Ltd. Phone: +1 408 481 8171 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1 _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
