1153830 – SSL3 should be disabled by default

Bug 1153830 - SSL3 should be disabled by default

Summary: SSL3 should be disabled by default

Keywords:
Status:	CLOSED DUPLICATE of bug 1166526
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	crypto-policies
Sub Component:
Version:	rawhide
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Nikos Mavrogiannopoulos
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2014-10-16 22:18 UTC by Christian Stadelmann
Modified:	2014-11-25 12:14 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2014-11-25 12:14:27 UTC
Type:	Bug
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Christian Stadelmann 2014-10-16 22:18:32 UTC

Description of problem:
With POODLE SSLv3 should be disabled by default.

Comment 1 Nikos Mavrogiannopoulos 2014-10-17 04:35:51 UTC

Currently crypto-policies is only used in software the properly uses TLS negotiation, i.e., it is not vulnerable to the version rollback used in Poodle. Thus, SSL 3.0 will only be used as a last resort, when SSL 3.0 is the only commonly supported version.

However, the request to deprecate SSL 3.0 is certainly something we would like to do. I'm not sure if that should be done in F21 already.

Comment 2 Nikos Mavrogiannopoulos 2014-11-25 12:14:27 UTC


*** This bug has been marked as a duplicate of bug 1166526 ***

Note You need to log in before you can comment on or make changes to this bug.