Re: [TLS] Prohibiting SSL 3.0

Yoav Nir <ynir.ietf@gmail.com> Fri, 31 October 2014 19:04 UTC

Archived-At: http://mailarchive.ietf.org/arch/msg/tls/nYPaJWKXKGBMGi4BA_6MWRdxj3U

> On Oct 31, 2014, at 7:55 PM, Yuhong Bao <yuhongbao_386@hotmail.com> wrote:
> 
> SSLv2 had much worse security flaws than SSLv3 did.

Other than the downgrade attack by a MITM, what else?