* [gentoo-user] What do you use for appliances with old SSL?
@ 2015-11-24 23:33 Adam Carter
2015-11-25 7:11 ` J. Roeleveld
0 siblings, 1 reply; 4+ messages in thread
From: Adam Carter @ 2015-11-24 23:33 UTC (permalink / raw
To: gentoo-user@lists.gentoo.org
[-- Attachment #1: Type: text/plain, Size: 188 bytes --]
It seems like modern browsers don't have the option to support old crypto,
eg on firefox setting security.version.tls.min to 0 still blocks SSLv3.
What do you use to access old equipment?
[-- Attachment #2: Type: text/html, Size: 217 bytes --]
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [gentoo-user] What do you use for appliances with old SSL?
2015-11-24 23:33 [gentoo-user] What do you use for appliances with old SSL? Adam Carter
@ 2015-11-25 7:11 ` J. Roeleveld
2015-11-25 18:46 ` Mick
0 siblings, 1 reply; 4+ messages in thread
From: J. Roeleveld @ 2015-11-25 7:11 UTC (permalink / raw
To: gentoo-user
On 25 November 2015 00:33:57 CET, Adam Carter <adamcarter3@gmail.com> wrote:
>It seems like modern browsers don't have the option to support old
>crypto,
>eg on firefox setting security.version.tls.min to 0 still blocks SSLv3.
>What do you use to access old equipment?
A virtual machine with an old browser which is only used to access these devices.
--
Joost
--
Sent from my Android device with K-9 Mail. Please excuse my brevity.
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [gentoo-user] What do you use for appliances with old SSL?
2015-11-25 7:11 ` J. Roeleveld
@ 2015-11-25 18:46 ` Mick
2015-11-26 5:19 ` Adam Carter
0 siblings, 1 reply; 4+ messages in thread
From: Mick @ 2015-11-25 18:46 UTC (permalink / raw
To: gentoo-user
[-- Attachment #1: Type: Text/Plain, Size: 673 bytes --]
On Wednesday 25 Nov 2015 07:11:39 J. Roeleveld wrote:
> On 25 November 2015 00:33:57 CET, Adam Carter <adamcarter3@gmail.com> wrote:
> >It seems like modern browsers don't have the option to support old
> >crypto,
> >eg on firefox setting security.version.tls.min to 0 still blocks SSLv3.
> >What do you use to access old equipment?
>
> A virtual machine with an old browser which is only used to access these
> devices.
>
> --
> Joost
A less onerous method, but potentially more insecure unless you revert the
setting for day to day usage, is to type 'about:config' and set
security.tls.version.min to 0, before you restart FF.
--
Regards,
Mick
[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 473 bytes --]
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [gentoo-user] What do you use for appliances with old SSL?
2015-11-25 18:46 ` Mick
@ 2015-11-26 5:19 ` Adam Carter
0 siblings, 0 replies; 4+ messages in thread
From: Adam Carter @ 2015-11-26 5:19 UTC (permalink / raw
To: gentoo-user@lists.gentoo.org
[-- Attachment #1: Type: text/plain, Size: 483 bytes --]
>
> A less onerous method, but potentially more insecure unless you revert the
> setting for day to day usage, is to type 'about:config' and set
> security.tls.version.min to 0, before you restart FF.
>
>
Restarting doesnt help (with FF 42 at least). Message is "Firefox cannot
guarantee the safety of your data on xxxx because it uses SSLv3, a broken
security protocol.
Advanced info: ssl_error_unsupported_version".
I'm using FF through stunnel at the moment and its good enough.
[-- Attachment #2: Type: text/html, Size: 900 bytes --]
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2015-11-26 5:19 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-11-24 23:33 [gentoo-user] What do you use for appliances with old SSL? Adam Carter
2015-11-25 7:11 ` J. Roeleveld
2015-11-25 18:46 ` Mick
2015-11-26 5:19 ` Adam Carter
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox