On Wed, Oct 15, 2014 at 7:03 AM, Kevin Fenzi <kevin at scrye.com> wrote: > Perhaps we can figure out a way to keep SSLv3 enabled, but disable > ciphers that are susceptable? Disabling CBC ciphers should do the trick: http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html -T.C.