On Tue, Nov 17, 2015 at 3:32 PM, Bryan Quigley <[email protected]> wrote: >>gnutls 2.12 is not maintained since long time. However, poodle is easily >>solvable by disabling SSL 3.0. There should be a configuration setting in >>the program that you use to achieve that. > That's what I assumed as well, but since Poodle was released it was > found to also affect some implementations of TLS. This is a test > server [1] (using cups TLS) that has SSLv3 disabled but ssllabs has > determined TLS is affected by Poodle. The best description of this > slightly different Poodle is available here[2].
It may be that the test done by qualys does not reflect the description in [2]. GnuTLS 2.12.x does the padding correctly so either the tests only checks for CBC ciphersuites and tag the server as broken, or the test is broken. regards, Nikos _______________________________________________ Gnutls-help mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnutls-help
