It may be time to retire SSL v3.0. Seems like a new bug has taken shape. More research will be going on shortly.
The POODLE Attack
To work with legacy servers, many TLS clients implement a downgrade dance: in a first
handshake attempt, offer the highest protocol version supported by the client; if this
handshake fails, retry (possibly repeatedly) with earlier protocol versions. Unlike proper
protocol version negotiation (if the client offers TLS 1.2, the server may respond with, say,
TLS 1.0), this downgrade can also be triggered by network glitches, or by active attackers.
So if an attacker that controls the network between the client and the server interferes with
any attempted handshake offering TLS 1.0 or later, such clients will readily confine themselves to SSL 3.0.
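
The following Python model is an added example, not code from the original post or from any TLS library. It contrasts proper version negotiation with the client-side downgrade dance described above, and shows that a client refusing to go below TLS 1.0 fails closed instead of ending up on SSL 3.0. The names `Ver`, `handshake`, `downgrade_dance`, `interfere` and the `floor` parameter are assumptions made for illustration.

```python
from enum import IntEnum

class Ver(IntEnum):
    # Protocol versions as they appear on the wire (major, minor)
    SSL3 = 0x0300
    TLS10 = 0x0301
    TLS11 = 0x0302
    TLS12 = 0x0303

def handshake(offered, server_versions, drop=lambda v: False):
    """One handshake attempt with proper negotiation: the server answers with
    the highest version it supports that does not exceed the client's offer.
    Returns None when the attempt fails (dropped in transit or no common version)."""
    if drop(offered):
        return None
    common = [v for v in server_versions if v <= offered]
    return max(common) if common else None

def downgrade_dance(client_versions, server_versions, drop=lambda v: False,
                    floor=Ver.SSL3):
    """Client retry loop: offer the highest version first and retry with the
    next lower one after any failure. `floor` (hypothetical knob) is the lowest
    version the client accepts; raising it above SSL3 retires SSL 3.0."""
    for offered in sorted(client_versions, reverse=True):
        if offered < floor:
            break
        agreed = handshake(offered, server_versions, drop)
        if agreed is not None and agreed >= floor:
            return agreed
    return None  # fail closed: no acceptable version could be agreed

def interfere(offered):
    """Constructed network condition: every attempt offering TLS 1.0 or later
    fails, whether through glitches or deliberate interference."""
    return offered >= Ver.TLS10

ALL = list(Ver)
LEGACY_SERVER = [Ver.SSL3, Ver.TLS10]

if __name__ == "__main__":
    print("clean network:         ", downgrade_dance(ALL, ALL))
    print("legacy server:         ", downgrade_dance(ALL, LEGACY_SERVER))
    print("failing TLS handshakes:", downgrade_dance(ALL, ALL, interfere))
    print("same, floor = TLS 1.0: ", downgrade_dance(ALL, ALL, interfere, Ver.TLS10))
```
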