SSLv3 has been irreparably broken since the POODLE attack 5 years ago.
RFC 7568 (f.k.a. draft-ietf-tls-sslv3-diediedie) prohibits its use in no uncertain terms, and proceeds to list everything that's broken with it.
SSLv3 MUST NOT be used.
Negotiation of SSLv3 from any version of TLS MUST NOT be permitted.
Major CDNs dropped support immediately upon the disclosure of POODLE. Google frontends followed in 2015. Mozilla called the end of SSL 3.0 in 2014.
In crypto/tls, SSLv3 is only supported on the server side, and is disabled by default. It's time we remove it entirely, as it's not just obsolete, but insecure.
I would like to mark it as deprecated in Go 1.13 and announce it in the release notes, also to get feedback on the impact, and then remove it in Go 1.14.
/cc @rsc @agl
SSLv3 has been irreparably broken since the POODLE attack 5 years ago.
RFC 7568 (f.k.a. draft-ietf-tls-sslv3-diediedie) prohibits its use in no uncertain terms, and proceeds to list everything that's broken with it.
Major CDNs dropped support immediately upon the disclosure of POODLE. Google frontends followed in 2015. Mozilla called the end of SSL 3.0 in 2014.
In
crypto/tls, SSLv3 is only supported on the server side, and is disabled by default. It's time we remove it entirely, as it's not just obsolete, but insecure.I would like to mark it as deprecated in Go 1.13 and announce it in the release notes, also to get feedback on the impact, and then remove it in Go 1.14.
/cc @rsc @agl