Slashdot Mirror

← Back to Stories (view on slashdot.org)

RFC 7568 Deprecates SSLv3 As Insecure

Posted by timothy on Tuesday June 30, 2015 @02:55AM from the must-not-is-in-all-caps dept.

AmiMoJo writes: SSLv3 should not be used, according to the IETF's RFC 7568. Despite being replaced by three versions of TLS, SSLv3 is still in use. Clients and servers are now recommended to reject requests to use SSLv3 for secure communication. "SSLv3 Is Comprehensively Broken," say the authors, and lay out its flaws in detail.

1 of 53 comments (clear)

Min score:

Reason:

Sort:

Re:PROPOSED standard by Junta · 2015-06-30 03:27 · Score: 3, Insightful

In RFC land, PROPOSED standard is pretty much as far as most things get.
See:
https://tools.ietf.org/rfc/ind...
For example, nntp is 'just' a 'proposed standard'.

--
XML is like violence. If it doesn't solve the problem, use more.