On Fri, Oct 17, 2014 at 07:02:48PM +0200, Kurt Roeckx wrote: > On Fri, Oct 17, 2014 at 04:47:57PM +0100, Robin Bailey wrote: > > Supported Server Cipher(s): > > Accepted SSLv3 256 bits AES256-SHA > > Accepted SSLv3 128 bits AES128-SHA > > Accepted SSLv3 128 bits RC4-SHA > > Accepted SSLv3 112 bits DES-CBC3-SHA > > SSLv3 is supposed to be completly disabled, but it seems it's not.
So I can't actually reproduce this. Are you sure this in not some bug in the tool? I can only get it to negiotate those ciphers with TLS >= 1.0. Please note that the cipher is supported by SSLv3, and "openssl ciphers -v" will show it as SSLv3, but that doesn't mean it can't be used with TLS. Kurt -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
