On Wed, 15 Oct 2014 08:31:20 -0700 "T.C. Hollingsworth" tchollingsworth@gmail.com wrote:
On Wed, Oct 15, 2014 at 7:03 AM, Kevin Fenzi kevin@scrye.com wrote:
Perhaps we can figure out a way to keep SSLv3 enabled, but disable ciphers that are susceptable?
Disabling CBC ciphers should do the trick: http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploitin...
I asked some folks smarter than me, and they seemed to think this was not sufficent. :(
kevin