Talk:Security/Server Side TLS: Difference between revisions

Jump to navigation Jump to search

Talk:Security/Server Side TLS (view source)

Revision as of 21:00, 30 May 2014

783 bytes added ,  30 May 2014
m
no edit summary
mNo edit summary
Line 113: Line 113:


Actually, yes: we privilege backward compatibility. In the future, we want to selectively disable SSLv3 on sites that don't need to be backward compatible that far in time. But for now we recommend it everywhere.
Actually, yes: we privilege backward compatibility. In the future, we want to selectively disable SSLv3 on sites that don't need to be backward compatible that far in time. But for now we recommend it everywhere.
==== NetScaler TLS 1.2 DHE issue reference? ====
Re "There is an issue with Netscaler's TLS1.2 and DHE ciphers. When DHE is used, the TLS handshake fails with a fatal 'Decode error'. TLS1.2 works fine with AES and RC4 ciphers."
Is there a release note from Citrix on this issue which can be referenced here? If discovered via testing, what NetScaler model and firmware where used in the testing?
We've not seen problems with TLS 1.2 and DHE on MPX class boxes running "NetScaler NS10.1: Build 124.13.nc" firmware, wondering if the problem witnessed was due to issue in a specific firmware release or possibly sporadically occurring so not easily reproduced.
It is worth noting that the virtualized (VPX) NetScaler model does not yet support TLS 1.1/1.2 in any firmware version.
Jimjcollins
Confirmed users
2

edits

Retrieved from "https://wiki.allizom.org/Special:MobileDiff/984478"

Navigation menu