Hi, On Wed, Oct 15, 2014 at 10:59:02AM +0200, Christoph Gebhardt wrote: > Quoting Jonas Wielicki (2014-10-15 09:47:23) > > I’m not confident that this attack is (like BEAST and CRIME) relevant > > for XMPP. > > But is SSLv3 relevant in the XMPP world? > In the web world this is a problem with ancient Internet Explorers on > Windows XP machines, everything else supports TLS, at least according > to ssllabs.com. > > Does anyone know of any XMPP client that needs the server to offer SSLv3?
This is of course anecdotal evidence, but jabber.at had SSLv3 deaktivated for several months. We haven't received any complaints so far, even though we posted on our website to contact us if anyone had problems connecting. greetings, Mati -- I only read plain text mail! I prefer pgp|gpg signed & encrypted mails!
signature.asc
Description: Digital signature
