[openssl-users] FIPS: SSL 3.0 now forbidden in latest NDCPP update

jonetsu jonetsu at teksavvy.com
Tue Apr 28 12:31:58 UTC 2015

> That refers to the minimum version of the ciphersuite: it
> doesn't imply that it will only be used in SSLv3 (which is
> disabled in FIPS mode).

Hmmm...  I'm sorry but I do not really understand this.  Since openssl is
run in FIPS mode, and since SSLv3 is disabled, then why would the SSLv3
ciphers show up ?  If they have counterparts in TLS that could be used, why
wouldn't the TLS version show up instead ?


View this message in context: http://openssl.6102.n7.nabble.com/FIPS-SSL-3-0-now-forbidden-in-latest-NDCPP-update-tp57695p57762.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.

More information about the openssl-users mailing list