[openssl-users] FIPS: SSL 3.0 now forbidden in latest NDCPP update
jonetsu
jonetsu at teksavvy.com
Tue Apr 28 12:31:58 UTC 2015
> That refers to the minimum version of the ciphersuite: it
> doesn't imply that it will only be used in SSLv3 (which is
> disabled in FIPS mode).
Hmmm... I'm sorry but I do not really understand this. Since openssl is
run in FIPS mode, and since SSLv3 is disabled, then why would the SSLv3
ciphers show up ? If they have counterparts in TLS that could be used, why
wouldn't the TLS version show up instead ?
Thanks.
--
View this message in context: http://openssl.6102.n7.nabble.com/FIPS-SSL-3-0-now-forbidden-in-latest-NDCPP-update-tp57695p57762.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
More information about the openssl-users
mailing list