<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">On 07/04/2015 17:09, David Rueter
wrote:<br>
</div>
<blockquote cite="mid:1da201d07144$da52aaf0$8ef800d0$@assyst.com"
type="cite">
<blockquote type="cite">
<blockquote type="cite">
<pre wrap="">You're confusing SSLv3 the protocol, with SSLv3 ciphersuites.
</pre>
</blockquote>
</blockquote>
<pre wrap="">Yes, I admit I am not distinguishing between these. However, !SSLv3 in the
cipher list does evidently disable the SSLv3 protocol as well--as evidenced
by testing with <a class="moz-txt-link-freetext" href="https://www.ssllabs.com/ssltest">https://www.ssllabs.com/ssltest</a>
Since I don't have source for the application I can only control OpenSSL's
behavior through the cipher list. I guess I will have to choose between
leaving SSLv3 enabled and breaking Android and IE on XP users (that require
TLSv1).
</pre>
</blockquote>
<tt>Is OpenSSL in its own DLL/DLLs? If so, could you simply<br>
recompile OpenSSL (at latest patchlevel) without the SSL3<br>
protocol?<br>
<br>
This would also provide all the other security fixes that<br>
have been added to OpenSSL since someone gave you the<br>
program.</tt>
<br>
<br>
<pre class="moz-signature" cols="72">Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. <a class="moz-txt-link-freetext" href="http://www.wisemo.com">http://www.wisemo.com</a>
Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded </pre>
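<p>The protocol-versus-ciphersuite distinction discussed in this thread, as an added example that is not part of the original messages: it uses Python's standard <tt>ssl</tt> module (which wraps whatever OpenSSL build Python is linked against) to list which ciphersuites the <tt>!SSLv3</tt> cipher-string term removes and to show that the separate protocol switch (<tt>OP_NO_SSLv3</tt>) is not affected by it. The function names and the <tt>ALL</tt> base cipher string are choices made for this example.</p>

```python
import ssl

def offered(cipher_string):
    """Return ({suite: tag}, protocol_off) for a server context using cipher_string.

    tag is the ciphersuite's version label as OpenSSL reports it; protocol_off
    says whether the SSLv3 *protocol* is disabled through the OP_NO_SSLv3 option,
    which is a context option and not part of the cipher list.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.set_ciphers(cipher_string)
    suites = {c["name"]: c["protocol"] for c in ctx.get_ciphers()}
    return suites, ssl.OP_NO_SSLv3 in ctx.options

def compare(base="ALL"):
    """Show what appending !SSLv3 to a cipher list changes, and what it does not."""
    before, proto_before = offered(base)
    after, proto_after = offered(base + ":!SSLv3")
    # Suites present with the base string but gone once !SSLv3 is appended.
    removed = {name: tag for name, tag in before.items() if name not in after}
    return {
        "removed": removed,
        "remaining_tags": sorted(set(after.values())),
        "protocol_flag_changed": proto_before != proto_after,
    }

if __name__ == "__main__":
    result = compare()
    print(ssl.OPENSSL_VERSION)
    print("suites dropped by !SSLv3:", len(result["removed"]))
    for name, tag in sorted(result["removed"].items())[:8]:
        print("  ", name, tag)
    print("tags still offered:", result["remaining_tags"])
    print("OP_NO_SSLv3 changed by cipher string:", result["protocol_flag_changed"])
```

<p>The dropped suites are the ones older TLS clients also negotiate, so the list shows which clients lose every usable suite when the cipher string is the only control available.</p>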
</body>
</html>