Y
Hacker News
new
|
ask
|
show
|
jobs
by
D4AHNGM
4069 days ago
Minor highlight: Debian 8 ships with an OpenSSL which has SSLv3 disabled at compile-time.
1 comments
gcr
4069 days ago
Do you mean that only TLS is supported now?
link
D4AHNGM
4069 days ago
Aye. The Debian compile rules for Jessie's OpenSSL include "no-ssl2 no-ssl3 no-ssl3-method" so it's just TLS1.0 onwards available.
link
ben_bai
4068 days ago
SSLv3 is so 1996... Please, please, please with sugar on top, use TLS only. Also there are lots of changes in the software world in the last 20 years, which the SSL codebase didn't keep up with (mainly meaning OpenSSL).
link