Date: Wed, 15 Oct 2014 11:15:41 +0200 From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des@des.no> To: Eygene Ryabinkin <rea@freebsd.org> Cc: gecko@freebsd.org, ports-secteam@freebsd.org, chromium@freebsd.org Subject: Re: POODLE SSLv3 vulnerability Message-ID: <86a94xzoaq.fsf@nine.des.no> In-Reply-To: <R0zKl5VfV2qM//7ElaCD1tOBoHs@1d%2BaJAniZP50FCDdGj54nd51%2Bks> (Eygene Ryabinkin's message of "Wed, 15 Oct 2014 10:02:17 %2B0400") References: <86iojmgn40.fsf@nine.des.no> <R0zKl5VfV2qM//7ElaCD1tOBoHs@1d%2BaJAniZP50FCDdGj54nd51%2Bks>
next in thread | previous in thread | raw e-mail | index | archive | help
Eygene Ryabinkin <rea@freebsd.org> writes: > I'd also introduce an OPTION for Apache, Nginx and other Web servers > we ship in the ports collection that won't allow to use SSLv3 and turn > it on by-default. This will break some legacy clients, so it should > be an OPTION. stunnel, all Web servers for Ruby and other servers > that do SSL should also be modified to include such modification. That sounds like a good idea, but also a lot of work... DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?86a94xzoaq.fsf>