slackcoder/bitcoin - Bitcoin Code integration/staging tree

diff options

author	Gregory Maxwell <greg@xiph.org>	2014-12-06 07:08:02 -0800
committer	Wladimir J. van der Laan <laanwj@gmail.com>	2014-12-09 15:22:28 +0100
commit	0a94661e8db94e84ecbf1ea45a51fb3c7fb77283 (patch)
tree	db0b8e4a8bc698a25d7aafbe21c156815d136cf8 /doc
parent	bb424e4447a5b1e2f9592eed52f869426933f2c8 (diff)

Disable SSLv3 (in favor of TLS) for the RPC client and server.

TLS is subject to downgrade attacks when SSLv3 is available, and SSLv3 has vulnerabilities. The popular solution is to disable SSLv3. On the web this breaks some tiny number of very old clients. While Bitcoin RPC shouldn't be exposed to the open Internet, it also shouldn't be exposed to really old SSL implementations, so it shouldn't be a major issue for us to disable SSLv3. There is more information on the downgrade attacks and disabling SSLv3 at https://disablessl3.com/ . Rebased-From: 683dc4009b2b01699e672f8150c28e2ebe0aae19

Diffstat (limited to 'doc')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: