Slashdot Mirror

← Back to Stories (view on slashdot.org)

RFC 7568 Deprecates SSLv3 As Insecure

Posted by timothy on Tuesday June 30, 2015 @02:55AM from the must-not-is-in-all-caps dept.

AmiMoJo writes: SSLv3 should not be used, according to the IETF's RFC 7568. Despite being replaced by three versions of TLS, SSLv3 is still in use. Clients and servers are now recommended to reject requests to use SSLv3 for secure communication. "SSLv3 Is Comprehensively Broken," say the authors, and lay out its flaws in detail.

1 of 53 comments (clear)

Min score:

Reason:

Sort:

yeah yeah by Anonymous Coward · 2015-06-30 03:05 · Score: 1, Flamebait

and what about the tens of thousands of UPSes, printers, KVMs, IP cameras, thermocouples and other embedded crap all which only responds to SSL v3 ? i suppose the IETF is going to come out with special firmware for all those devices still in wide use ? oh wait they arent. typical software "engineers" with no real world experience. go fuck yourselves.