@bascule not with OpenSSL, that's why I disabled SSL3 months ago.
Is there a way to configure a TLS ciphersuite that uses AES for TLSv1 (as in 1.0) clients, but RC4 for SSLv3?
-
-
-
@Asmod4n that's great if you have no SSLv3 clients... -
@bascule should have noted its only a dev box, but isn’t 3DES more secure than RC4? -
@Asmod4n 3DES is also CBC mode -
@bascule looks like some hardware vendors are screwed.
End of conversation
New conversation -
-
-
@bascule Not with stock OpenSSL, but I swear I remember reading about a patch that does this, in the wake of BEAST.Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.