I've asked SSL Labs [1] to see if it could be a false positive and if not if there are more specific details.
Thanks and regards, Bryan [1] http://sourceforge.net/p/ssllabs/mailman/ssllabs-discuss/?viewmonth=201511&viewday=18 On Wed, Nov 18, 2015 at 4:07 AM, Nikos Mavrogiannopoulos <[email protected]> wrote: > On Tue, Nov 17, 2015 at 3:32 PM, Bryan Quigley > <[email protected]> wrote: >>>gnutls 2.12 is not maintained since long time. However, poodle is easily >>>solvable by disabling SSL 3.0. There should be a configuration setting in >>>the program that you use to achieve that. >> That's what I assumed as well, but since Poodle was released it was >> found to also affect some implementations of TLS. This is a test >> server [1] (using cups TLS) that has SSLv3 disabled but ssllabs has >> determined TLS is affected by Poodle. The best description of this >> slightly different Poodle is available here[2]. > > It may be that the test done by qualys does not reflect the > description in [2]. GnuTLS 2.12.x does the padding correctly so either > the tests only checks for CBC ciphersuites and tag the server as > broken, or the test is broken. > > regards, > Nikos _______________________________________________ Gnutls-help mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnutls-help
