Hello, I have a pretty standard stunnel server configuration with verify = 2 and clients, that don't speak TLS and can't easily be upgraded to support TLS. So disabling SSLv3 leads to handshake errors, I need to leave it enabled for now. The SSL connection is always renegotiated, a proprietary protocol is used inside SSL, and clients can be considered safe. Can the poodle security flaw realistically be used by a man in the middle to decrypt packets send over such an SSLv3 connection? If so, is there any other way to protect against the attack?
Thank you.
_______________________________________________ stunnel-users mailing list [email protected] https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
