[Ach] Android SSL downgrade Android 2.3
Aaron Zauner
azet at azet.org
Thu Dec 19 16:15:13 CET 2013
On 19 Dec 2013, at 16:10, Ralf Schlatterbeck <rsc at runtux.com> wrote:
> This is a blog-post speculating on the reasons why SSL was downgraded to
> RC4 for SSL for Relase 2.3 in December 2010 -- note that BEAST was in
> 2011 (!)
> Can anybody here provide more insight or are we left with the
> speculation that this was intentional?
Or simply malpractice.
AFAIK nobody stepped forward on this issue. Cloud have been a mistake, could have been intentional.
>
> http://op-co.de/blog/posts/android_ssl_downgrade/
>
> Ralf
> --
> Dr. Ralf Schlatterbeck Tel: +43/2243/26465-16
> Open Source Consulting www: http://www.runtux.com
> Reichergasse 131, A-3411 Weidling email: office at runtux.com
> allmenda.com member email: rsc at allmenda.com
> _______________________________________________
> Ach mailing list
> Ach at lists.cert.at
> http://lists.cert.at/cgi-bin/mailman/listinfo/ach
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1091 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.cert.at/pipermail/ach/attachments/20131219/93216808/attachment.sig>
More information about the Ach
mailing list