[CentOS] Firefox 38 and Older TLS sites

Thu May 14 12:36:20 UTC 2015
Hal Wigoda <hal.wigoda at gmail.com>

Learn English.

On Wed, May 13, 2015 at 10:35 AM, Johnny Hughes <johnny at centos.org> wrote:

> On 05/13/2015 06:57 AM, Tris Hoar wrote:
> > On 13/05/2015 11:12, Johnny Hughes wrote:
> >> All,
> >>
> >> Red Hat released the source code for Firefox 38.  We have (or willbe
> >> today) releasing this for CentOS-5, CentOS-6, and CentOS-7.
> >>
> >> It does not, by default, connect to https sites with TLS less than 1.2.
> >> This means it will not connect to sites on CentOS-5, for example ..
> >> there are many others.
> >>
> >> In any event, here is a wiki article that explains potential issues and
> >> workarounds:
> >>
> >> http://wiki.centos.org/TipsAndTricks/Firefox38onCentOS
> >>
> >
> > Hi Johnny,
> >
> > My reading of https://access.redhat.com/node/1422403 is Firefox 38 will
> > connect to sites using TLS 1.0 and 1.1. But ONLY if the server correctly
> > negotiates the connection. This should only effect sites that close the
> > initial connection due to not understanding TLS 1.2.
> >
> > A quick test connecting to a RHEL5 server over HTTPS with Firefox 38
> > shows it has established a TLS 1.0 connection so this should not really
> > effect CentOS 5.
> >
>
> You are correct, it will not automatically negotiate a downgrade only.
> Thank goodness.  Still will impact a lot of sites, but not all non TLS 1.2.
>
> Thanks,
> Johnny Hughes
>
>
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>
>


-- 
-----------------
Hal Wigoda
Chicago