> -----Ursprüngliche Nachricht----- > Von: Eric Covener [mailto:[email protected]] > Gesendet: Montag, 28. September 2015 19:00 > An: Apache HTTP Server Development List <[email protected]> > Betreff: Re: svn commit: r1705618 - /httpd/httpd/branches/2.4.x/STATUS > > On Mon, Sep 28, 2015 at 12:33 PM, William A Rowe Jr <wrowe@rowe- > clan.net> wrote: > > By which we mean TTLv1.0/SSLv3 because there is so little technical > > difference between them. > > AORN { > I think there is enough difference to disable one by default and not > the other. The final straw for SSLv3 was POODLE. But POODLE on TLS > 1.0 was fixable/fixed. The qualsys TLS best practice doc > differentiates them, and the scanner dings you seriously for SSLv3 and > not at all for TLS1.0. From my own support work, anecdotally, > commercial scan tools seem to treat things the same as qualsys. > } >
+1. SSLv3 and TLS 1.0 are close, but there are some differences and the ability to prevent POODLE is (an important) one of them. Regards Rüdiger
