[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [MirageOS-devel] SSLv3 POODLE vulnerability



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA384

Hi,

On 10/15/2014 04:37, Stephen Mack wrote:
> Another SSL vulnerability has been found and announced by Google.
> If I am reading correctly, ocaml-TLS does not support the SSLv3
> protocol and therefore is not vulnerable to the POODLE exploit.

Exactly. When we started to develop OCaml-TLS we looked at statistics
what is spoken out there, and SSLv3 only clients were a really small
amount - thus we decided to focus on properly specified RFCs :)


Hannes
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCQAGBQJUPhzLAAoJELyJZYjffCju78IP/2WDq0fw/Ny3a56Qr4f52AZs
y8zOATmxhoVE+h1ChNZoXFvh8rzYBY/cWl9tbtRXTgMKfUgFj7CT2ppEmulLavzw
FkvSvPrmyLF0rJrwIDz9zz/5THGXpN/p1elVimMdF/VwR3lkVI5Byj5IZ7qU8xx1
9OFQFc1wyz6P7R/+oAeCDWMu4j4F7iGoRYbqX5q2jWg8jG8CzTbYxhgTE/JQ4Ir3
hkiEz0YZqplO65lSwWdFhqp51BGOjmhN/9f5CQbRDokh/aREoqPtrXdLBbO5Cm9U
8hfmyaXNjo1H0Bsc079mGEuK8mxNrE1dcq6fAsl9oakclg6SORtDAsixTbWF3fk2
ZlGJZH+KdftNupVIRbeJu10xyyociU4mQRgVMWTUs/0/yBbJzW12pyoYnxBuLuuV
KqFmEjGBXyzYNlby7UIzxA816AX3We+306BtabWaxWX6/6qdeHC/+OiDSpbd9sbo
Trm9ABytu+cwLEYnQe5W0Mvehle3RRvcNYLnPA9dwbhZLSkfq2mu5qByOD1TD17O
nsoapVTaB8X7D4NUgf1KIqcJuWoyhG20rCm25qCoRGzQ5+2YhLjvufGZaBPg0/s0
fiLecTRyXTgR4lGdSHfXcB/eXHev+NLlFAMIYRGerNEQKXUKgnBBcJreDeYCsN+h
59124mOJjZfy+RwdrVNJ
=stUp
-----END PGP SIGNATURE-----

_______________________________________________
MirageOS-devel mailing list
MirageOS-devel@xxxxxxxxxxxxxxxxxxxx
http://lists.xenproject.org/cgi-bin/mailman/listinfo/mirageos-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.