[openssl-users] BEAST and SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS

Salz, Rich rsalz at akamai.com
Tue Aug 18 22:26:24 UTC 2015


There are *no* secure SSLv3 ciphers.  If you need to support it (for legacy clients), then best you can do is use the "poodle patch," the SCSV indicator which will at least prevents clients that are capable of more from being downgraded.




More information about the openssl-users mailing list