It does not matter who you talk to.  With a POODLE attack, your content can be 
decrypted.  Cookies, etc., were just used as an example.

Disabling ssl3 is a good thing.  But set the fallback because silently dropping 
from tls 1.2 to tls 1.1 is bad.  It’s done during the handshake process as part 
of the cipher negotiation.

Principal Security Engineer, Akamai Technologies
IM:<> Twitter: RichSalz

Reply via email to