15 Oct
2014
15 Oct
'14
11:34 a.m.
https://www.openssl.org/~bodo/ssl-poodle.pdf http://www.infoq.com/news/2014/10/google-ssl3 online test: https://www.poodletest.com/ Daniel Silverstone suggests: recommended actions = disable SSLv3 in browser, and disable SSLv3 in apache, same for dovecot if your Exim4 is compiled against gnutls, you want something like: tls_require_ciphers = NORMAL:-VERS-SSL3.0 to test that: gnutls-cli -s --priority NONE:+VERS-SSL3.0 --port 25 my.server EHLO me STARTTLS ^D should fail if you don't put the --priority blah, then you should get: - Version: TLS1.2