
Disabling SSLv3 and RC4 - helper
http://googleonlinesecurity.blogspot.com/2015/09/disabling-sslv3-and-rc4.html
======
weavie
If you run an SSL server it is well worth running it through
[https://www.ssllabs.com/ssltest/index.html](https://www.ssllabs.com/ssltest/index.html)
to spot any config errors. It was this that spotted I had SSLv3 enabled. I
would have been completely clueless otherwise.

~~~
devNoise
Once you've checked your server, then you can head over to
[https://mozilla.github.io/server-side-tls/ssl-config-
generat...](https://mozilla.github.io/server-side-tls/ssl-config-generator/)
and get an idea of how to change your server's SSL configuration.

~~~
ashmud
Anything like this for IIS that shows client compatibility?

The only configuration tool I know of is
[https://www.nartac.com/Products/IISCrypto/](https://www.nartac.com/Products/IISCrypto/).

------
insertnickname
Maybe once major browsers all disable RC4, my bank will finally stop using it.
Or maybe they'll just sit on their hands and tell people to use IE6. I don't
know. Anything is possible when they're using such a ridiculous TLS config in
2015 (only TLS 1.0, only 3DES and RC4).

~~~
stephengillie
Isn't 3DES still "considered secure"? I know DES has been broken, but major
Cloud hosts still recommend 3DES in their VPNs.

~~~
delan
It's only secure when used with TLS 1.1+ where it has an effective security of
112 bits. Otherwise it is susceptible to the BEAST attack, like any other CBC
cipher suite, unless the client has been updated to mitigate the attack.

------
ademarre
This is a good move.

As an aside, I thought this was a funny appeal to authority:

> _SSLv3 has been obsolete for over 16 years and is so full of known problems
> that the IETF has decided that it must no longer be used._ <link to RFC
> 7568[0]>

This blog post was written by Adam Langley, who is also one of the authors of
RFC 7568.

[0] [https://tools.ietf.org/html/rfc7568](https://tools.ietf.org/html/rfc7568)

------
kijin
The only mainstream browser that doesn't support TLSv1 by default is IE6, and
it's been dead for quite some time.

(At one of my API endpoints, I'm seeing IE6 market share in the range of
0.013%. And this is in South Korea where IE market share is abnormally high to
begin with, so I'm sure the numbers are even lower in most other parts of the
world.)

So this change has more to do with API clients than browsers. Unfortunately, a
lot of API clients are still written for, and run on, grossly outdated
platforms. For example, Java 1.4 is as old as IE6, but one still sees it in
the wild from time to time.

------
AhtiK
Requiring Server Name Indication (SNI) extension is quite significant as if I
understand correctly then this blocks Windows XP to access any of the Google
services with any version of Internet Explorer.

~~~
michaelt
I'm not sure it's all that significant - it's been inevitable for years, and
Chrome and Firefox will still work.

Running a 14-year-old browser on a 14-year-old OS and complaining about
support being dropped is like running a computer with 256MB of RAM and
complaining you can't play the latest games :)

------
DiabloD3
We still need the other side of this: Chrome, Firefox, MSIE, and Safari need
to start refusing to negotiate SSLv3 and RC4.

~~~
agl
Chrome has already disabled SSLv3 (as have other browsers). We have also
announced the planned removal of RC4 early next year:
[https://groups.google.com/a/chromium.org/forum/#!msg/securit...](https://groups.google.com/a/chromium.org/forum/#!msg/security-
dev/kVfCywocUO8/vgi_rQuhKgAJ). (As have Mozilla and Microsoft.)

~~~
DiabloD3
Thanks.

~~~
ademarre
The closed Firefox bug:
[https://bugzilla.mozilla.org/show_bug.cgi?id=1106470](https://bugzilla.mozilla.org/show_bug.cgi?id=1106470)

------
cm2187
What I don't understand is how google can be comfortable to use TLS on their
SMTP service given that it is vulnerable to a STARTTLS downgrade MITM attack.
It's like switching from old encryption to optional encryption.

~~~
dchest
They also support SMTP over TLS, which isn't vulnerable. Not sure what you
mean about switching, perhaps you're confusing terms? TLS != STARTTLS.

~~~
cm2187
I was under the impression that STARTTLS was the only implementation of SMTP
over TLS.

If major providers do not respect the STARTTLS protocol and effectively make
encryption mandatory that makes me happy. But as far as I know the standard
says STARTTLS is optional.

~~~
jlgaddis
SMTPS (SMTP-over-SSL/TLS) still exists in some places (465/TCP) although it
was technically deprecated a long time ago.

------
PaulBurke
If you want to get rid of POODLE vulnerability due to SSLv3,

Here's how you can solve it in Google Chrome, Firefox & IE -
[http://bit.ly/disable-SSLv3](http://bit.ly/disable-SSLv3)

