On Wed, Oct 15, 2014 at 2:29 PM, Joe Gooch <[email protected]> wrote:
> That would fall on OpenSSL to implement... Which they did... A patch > went out yesterday. It's doubtful many distros have it yet. Once the > library supports it we can. > > I plan on whipping up a disablesslv3 option in the next couple days... I > can do something similar with fallback scsv at that time. > I would definitely be interested in the disable SSLv3 option, as I am currently in the unfortunate position of needing to disable SSLv3 on my pound servers that are running openssl 0.9.8, and outright disabling SSLv3 ciphers effectively disables TLS 1.0. Updating pound is probably going to be more realistic than OpenSSL in the short term. Thanks. > > > Joe > > > On 10/15/14, 4:55 PM, Root Kev wrote: > > Hello, > > Is there any known way to implement the "TLS_FALLBACK_SCSV > <https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00>" feature > in pound? > > Thanks, > > Kevin > > >
