On 05/13/2015 06:57 AM, Tris Hoar wrote: > On 13/05/2015 11:12, Johnny Hughes wrote: >> All, >> >> Red Hat released the source code for Firefox 38. We have (or willbe >> today) releasing this for CentOS-5, CentOS-6, and CentOS-7. >> >> It does not, by default, connect to https sites with TLS less than 1.2. >> This means it will not connect to sites on CentOS-5, for example .. >> there are many others. >> >> In any event, here is a wiki article that explains potential issues and >> workarounds: >> >> http://wiki.centos.org/TipsAndTricks/Firefox38onCentOS >> > > Hi Johnny, > > My reading of https://access.redhat.com/node/1422403 is Firefox 38 will > connect to sites using TLS 1.0 and 1.1. But ONLY if the server correctly > negotiates the connection. This should only effect sites that close the > initial connection due to not understanding TLS 1.2. > > A quick test connecting to a RHEL5 server over HTTPS with Firefox 38 > shows it has established a TLS 1.0 connection so this should not really > effect CentOS 5. > You are correct, it will not automatically negotiate a downgrade only. Thank goodness. Still will impact a lot of sites, but not all non TLS 1.2. Thanks, Johnny Hughes -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos/attachments/20150513/3308734f/attachment-0005.sig>