On 01/03/16 23:23, P. A. López-Valencia wrote: > The vulnerability is so bad[1], it doesn't only have a CVE number, > CVE-2016-0800[4], but a name and its own website: HTTPS DROWN[1][2][3].
Just as many other vulnerabilities these days, there is a marketing campaign behind them, probably to sell consultancy services. Anybody who's security-minded hasn't been using SSLv2 anyway.
signature.asc
Description: OpenPGP digital signature
