On Thu, 2014-10-16 at 10:31 -0700, Richard Barnes wrote: > By now, you've probably heard about the POODLE attacks on SSLv3, and > our decision to disable SSLv3 by default in Firefox 34 [1]. Several > people have proposed that we also make this change in Firefox ESR 31. > > So I wanted to propose that we also disable SSLv3 by default in ESR 31 > at about the same time as we do it in 34, that is, around November 25. > > If there are any objections or comments on that proposal, please raise > them in this thread.
FYI, it's actually more than a proposal. It has been clarified in the bug, disabling it in Firefox 31.3 is already planned: https://bugzilla.mozilla.org/show_bug.cgi?id=1076983#c73 So, if you have any objections, please speak up. Thanks Kai -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto