Message 229370 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	pitrou
Recipients	alex, christian.heimes, dstufft, giampaolo.rodola, janssen, pitrou, vstinner
Date	2014-10-14.23:13:54
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1413328434.45.0.233751426208.issue22638@psf.upfronthosting.co.za>
In-reply-to

Content
"""Disabling SSL 3.0 support, or CBC-mode ciphers with SSL 3.0, is sufficient to mitigate this issue, but presents significant compatibility problems, even today. Therefore our recommended response is to support TLS_FALLBACK_SCSV. This is a mechanism that solves the problems caused by retrying failed connections and thus prevents attackers from inducing browsers to use SSL 3.0. It also prevents downgrades from TLS 1.2 to 1.1 or 1.0 and so may help prevent future attacks."""

"""Disabling SSL 3.0 support, or CBC-mode ciphers with SSL 3.0, is sufficient to mitigate this issue, but presents significant compatibility problems, even today. Therefore our recommended response is to support TLS_FALLBACK_SCSV. This is a mechanism that solves the problems caused by retrying failed connections and thus prevents attackers from inducing browsers to use SSL 3.0. It also prevents downgrades from TLS 1.2 to 1.1 or 1.0 and so may help prevent future attacks."""

History
Date	User	Action	Args
2014-10-14 23:13:54	pitrou	set	recipients: + pitrou, janssen, vstinner, giampaolo.rodola, christian.heimes, alex, dstufft
2014-10-14 23:13:54	pitrou	set	messageid: <1413328434.45.0.233751426208.issue22638@psf.upfronthosting.co.za>
2014-10-14 23:13:54	pitrou	link	issue22638 messages
2014-10-14 23:13:54	pitrou	create