Re: POODLE and ATS configs

2014-10-14 Thread Leif Hedstrom
On Oct 14, 2014, at 5:25 PM, Jason J. W. Williams wrote: > We've been running our sites with SSLv3 off for some time, since we > only support IE7 and newer in our services. > > Disabling SSLv3 hurts folks who need to support IE6 clients primarily. You still have the option to enable it, of co

Re: POODLE and ATS configs

2014-10-14 Thread Scott Beardsley
Is there an easy way to quantify the impact before turning SSLv3 off? Maybe by looking at logs? On Tuesday, October 14, 2014 4:18 PM, Brian Geffon wrote: cc: users@ For users who want to immediately disable SSLv3 you should only need to change proxy.config.ssl.SSLv3 in records.conf

Re: POODLE and ATS configs

2014-10-14 Thread Jason J. W. Williams
We've been running our sites with SSLv3 off for some time, since we only support IE7 and newer in our services. Disabling SSLv3 hurts folks who need to support IE6 clients primarily. -J On Tue, Oct 14, 2014 at 4:23 PM, Scott Beardsley wrote: > Is there an easy way to quantify the impact before t

Re: POODLE and ATS configs

2014-10-14 Thread Brian Geffon
cc: users@ For users who want to immediately disable SSLv3 you should only need to change proxy.config.ssl.SSLv3 in records.config to 0 and bounce traffic_server. Brian On Tue, Oct 14, 2014 at 4:13 PM, Leif Hedstrom wrote: > Now that the POODLE is out of the bag, I think we should consider cha

POODLE and ATS configs

2014-10-14 Thread Leif Hedstrom
Now that the POODLE is out of the bag, I think we should consider changing this for v5.1.1: {RECT_CONFIG, "proxy.config.ssl.SSLv3", RECD_INT, "1", RECU_RESTART_TS, RR_NULL, RECC_INT, "[0-1]", RECA_NULL} I believe this does have a drawback: certain browsers / UAs on some OSes might not have