Sorry. It was an article from the register. I might be wrong because I was multi- tasking.... and holding a conversation at the same time on a different subject. Saw the article and thought others might like it.
On Sun, Oct 9, 2011 at 11:36 AM, Scott Granneman <[email protected]> wrote: > Mike, I'm not calling you a dad burn liar :) , but are you sure that > "most browsers don't support anything but SSL 1.0"? For YEARS, I've > found that the browsers I install have SSL 1 turned off in favor of > SSL 2 & TLS. > > In fact, I just looked it up on Wikipedia > (http://en.wikipedia.org/wiki/Transport_Layer_Security#Browser_implementations): > > "All the most recent web browsers support TLS: > > Apple's Safari supports TLS, but it’s not officially specified which > version.[33] On operating systems (Safari uses the TLS implementation > of the underlying OS) like Mac OS X 10.5.8, Mac OS X 10.6.6, Windows > XP, Windows Vista or Windows 7, Safari 5 has been reported to support > TLS 1.0.[34] > > Mozilla Firefox, versions 2 and above, support TLS 1.0.[35] As of > September 2011, Firefox does not support TLS 1.1 or 1.2.[36] > > Microsoft Internet Explorer always uses the TLS implementation of the > underlying Microsoft Windows Operating System, a service called > SChannel Security Service Provider. Internet Explorer 8 in Windows 7 > and Windows Server 2008 R2 supports TLS 1.2. Windows 7 and Windows > Server 2008 R2 use the same code (Microsoft Windows Version 6.1 (build > 7600)) similar to how Windows Vista SP1 uses the same code as Windows > 2008 Server.[37] > > As of Presto 2.2, featured in Opera 10, Opera supports TLS 1.2.[38] > > Google's Chrome browser supports TLS 1.0, but not TLS 1.1 or 1.2.[39]" > > Scott > -- > R. Scott Granneman > [email protected] ~ www.granneman.com ~ granneman.tel > Full list of publications @ http://www.granneman.com/publications > My new book: Google Apps Deciphered @ http://www.granneman.com/books > > "One must not always think that feeling is everything. Art is nothing > without form." > ---Gustave Flaubert > > On Tue, Sep 20, 2011 at 3:34 PM, Mike B. <[email protected]> wrote: >> http://www.theregister.co.uk/2011/09/19/beast_exploits_paypal_ssl/ >> >> SSL exploit affects SSL1.0 but not newer versions. Yet most places >> use SSL1.0 because most browsers don't support anything but SSL1.0. >> >> -- >> Central West End Linux Users Group (via Google Groups) >> Main page: http://www.cwelug.org >> To post: [email protected] >> To subscribe: [email protected] >> To unsubscribe: [email protected] >> More options: http://groups.google.com/group/cwelug >> > > -- > Central West End Linux Users Group (via Google Groups) > Main page: http://www.cwelug.org > To post: [email protected] > To subscribe: [email protected] > To unsubscribe: [email protected] > More options: http://groups.google.com/group/cwelug -- Central West End Linux Users Group (via Google Groups) Main page: http://www.cwelug.org To post: [email protected] To subscribe: [email protected] To unsubscribe: [email protected] More options: http://groups.google.com/group/cwelug
