[Ach] Looks like SSLv3 is enabled for httpd in spec?
Adi Kriegisch
adi at kriegisch.at
Wed Mar 2 15:37:53 CET 2016
Hi!
> For httpd the spec says
[...]
> SSLProtocol All -SSLv2 -SSLv3
>
> Can anyone tell me, if :+SSLv3: really should be there?
'+SSLv3' is a sort instruction to reorder the SSLv3/TLSv1 ciphers at a
certain position; after the TLSv1.2 ciphers for example.
It does *not* enable (or disable with -SSLv3) the protocol itself.
-- Adi
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 827 bytes
Desc: Digital signature
URL: <http://lists.cert.at/pipermail/ach/attachments/20160302/0ddcea89/attachment.sig>
More information about the Ach
mailing list