[gnutls-help] Question about POODLE tls1
Bryan Quigley
bryan.quigley at canonical.com
Tue Nov 17 15:32:20 CET 2015
>gnutls 2.12 is not maintained since long time. However, poodle is easily
>solvable by disabling SSL 3.0. There should be a configuration setting in
>the program that you use to achieve that.
That's what I assumed as well, but since Poodle was released it was
found to also affect some implementations of TLS. This is a test
server [1] (using cups TLS) that has SSLv3 disabled but ssllabs has
determined TLS is affected by Poodle. The best description of this
slightly different Poodle is available here[2].
Poodle affecting TLS has only been known for a few months, which means
the fix was done long before this was known..
Kind regards,
Bryan
[1] https://www.ssllabs.com/ssltest/analyze.html?d=190.35.213.162.lcy-02.canonistack.canonical.com&hideResults=on
[2] https://vivaldi.net/userblogs/entry/there-are-more-poodles-in-the-forest
More information about the Gnutls-help
mailing list