Re: [openssl-users] DROWN (CVE-2016-0800)

Salz, Rich Wed, 02 Mar 2016 10:22:46 -0800

Other implementations MAY be susceptible.  It's a protocol flaw.

The fix is to completely remove SSLv2.  See the blog post:  
https://www.openssl.org/blog/blog/2016/03/01/an-openssl-users-guide-to-drown/


--  
Senior Architect, Akamai Technologies
IM: richs...@jabber.at Twitter: RichSalz


-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] DROWN (CVE-2016-0800)

Reply via email to