On 2 Jan 2015, at 18:18, olli hauer <[email protected]> wrote: > > Hi, > > is there a special reason to keep SSLv3 support on current httpd version > (CVE-2014-3566 POODLE attack) ?
See the previous thread starting at http://tinyurl.com/ouyk2cd My summary: As you note, major browsers have already disabled SSLv3. It's easy to configure httpd not to offer SSLv3 (and this makes a good default for new installs). -- Tim Bannister – [email protected]
