This type of response to the list is unacceptable, and will result in moderation or removal from the list if it continues.
On 05/14/2015 07:36 AM, Hal Wigoda wrote:
Learn English.
On Wed, May 13, 2015 at 10:35 AM, Johnny Hughes johnny@centos.org wrote:
On 05/13/2015 06:57 AM, Tris Hoar wrote:
On 13/05/2015 11:12, Johnny Hughes wrote:
All,
Red Hat released the source code for Firefox 38. We have (or willbe today) releasing this for CentOS-5, CentOS-6, and CentOS-7.
It does not, by default, connect to https sites with TLS less than 1.2. This means it will not connect to sites on CentOS-5, for example .. there are many others.
In any event, here is a wiki article that explains potential issues and workarounds:
Hi Johnny,
My reading of https://access.redhat.com/node/1422403 is Firefox 38 will connect to sites using TLS 1.0 and 1.1. But ONLY if the server correctly negotiates the connection. This should only effect sites that close the initial connection due to not understanding TLS 1.2.
A quick test connecting to a RHEL5 server over HTTPS with Firefox 38 shows it has established a TLS 1.0 connection so this should not really effect CentOS 5.
You are correct, it will not automatically negotiate a downgrade only. Thank goodness. Still will impact a lot of sites, but not all non TLS 1.2.
Thanks, Johnny Hughes
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos