security.tls.version.min = 1 but PoodleTest still failing?

1 baphendule
1 inale nkinga
5 views
Igcine ukuphendulwa ngu ideato

9 iminyaka edlule

11/23/14 21:29

I'm concerned about the SSLV3 issue in Mozilla Firefox 33.1.1 on Windows 7 64-bit. After reading up some recent answers I thought setting the subject config parameter to 1 would mean I would then be protected using the test (I used the non-Javascript version) at https://www.poodletest.com/index2.html

However, after setting that parameter to 1 that page still shows the poodle. Even after restarting my browser, the poodle still shows. Excuse my naivete, but does that config change only protect me from a subset of SSLV3 issues or should it protect me from all currently known SSLV3 issues?

I'm concerned about the SSLV3 issue in Mozilla Firefox 33.1.1 on Windows 7 64-bit. After reading up some recent answers I thought setting the subject config parameter to 1 would mean I would then be protected using the test (I used the non-Javascript version) at https://www.poodletest.com/index2.html However, after setting that parameter to 1 that page still shows the poodle. Even after restarting my browser, the poodle still shows. Excuse my naivete, but does that config change only protect me from a subset of SSLV3 issues or should it protect me from all currently known SSLV3 issues?

Answer 1 · 2014-11-23 21:29:57

ideato

11/23/14 23:02

Hello humbug12, totally protection is only in beta (34.0b11) because in beta 34 SSLv3 is disabled by default.

see the "Additional Precautions" in the next article : https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/

note that 34 stable release in a week+ (1 or 2 December 2014) (with SSLv3 disable also:-))

thank you

Search Support

security.tls.version.min = 1 but PoodleTest still failing?

All Replies (1)

Buza Umbuzo

Explore Our Help Articles

Mozilla Account

Search Support

security.tls.version.min = 1 but PoodleTest still failing?

All Replies (1)