security.tls.version.min = 1 but PoodleTest still failing?

1 Antwort
1 hat dieses Problem
3 Aufrufe
Letzte Antwort von ideato

vor 9 Jahren

23.11.14, 21:29

I'm concerned about the SSLV3 issue in Mozilla Firefox 33.1.1 on Windows 7 64-bit. After reading up some recent answers I thought setting the subject config parameter to 1 would mean I would then be protected using the test (I used the non-Javascript version) at https://www.poodletest.com/index2.html

However, after setting that parameter to 1 that page still shows the poodle. Even after restarting my browser, the poodle still shows. Excuse my naivete, but does that config change only protect me from a subset of SSLV3 issues or should it protect me from all currently known SSLV3 issues?

I'm concerned about the SSLV3 issue in Mozilla Firefox 33.1.1 on Windows 7 64-bit. After reading up some recent answers I thought setting the subject config parameter to 1 would mean I would then be protected using the test (I used the non-Javascript version) at https://www.poodletest.com/index2.html However, after setting that parameter to 1 that page still shows the poodle. Even after restarting my browser, the poodle still shows. Excuse my naivete, but does that config change only protect me from a subset of SSLV3 issues or should it protect me from all currently known SSLV3 issues?

Answer 1 · 2014-11-23 21:29:57

ideato

23.11.14, 23:02

Hello humbug12, totally protection is only in beta (34.0b11) because in beta 34 SSLv3 is disabled by default.

see the "Additional Precautions" in the next article : https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/

note that 34 stable release in a week+ (1 or 2 December 2014) (with SSLv3 disable also:-))

thank you

Hilfe durchsuchen

security.tls.version.min = 1 but PoodleTest still failing?

Alle Antworten (1)

Stellen Sie eine Frage

Entdecken Sie unsere Hilfeartikel

Mozilla-Konto

Hilfe durchsuchen

security.tls.version.min = 1 but PoodleTest still failing?

Alle Antworten (1)