Quote:
Originally Posted by dgcom
I am aware of what the issue is. But I don't think you understand it - it is only good if BOTH sides are patched, which means that you can use SSLv3 if you control client and server - which is not the case here.
http://disablessl3.com/
Also, it seems that Fastmail supports week ciphers...
So the point is - if Fastmail claims to be on the top of the security, their servers should be NO WORSE than competitors, but that seems to be not the case currently.
|
Browsers have been patched for that vulnerability since mid 2014, Fastmail's servers are also patched. So I don't see what the problem is with SSLv3. Unless somehow someone chooses to use an unpatched browser, which may not even work.