Affecting SSLv3 has been disabled

Published: | Categories: Privacy & Security


In response to the POODLE attack reported by Google, SSL version 3.0 has been disabled by default in Firefox 34 (Beta 3 and later). Firefox ESR for organizations will also disable SSLv3 in the version 31.3.0. According to a comment in the bug, approximately 1% of the Alexa top 1 million domains will be affected by this change due to their SSLv3 requirements. Sites require SSLv3 should upgrade to a recent version of TLS as soon as possible. See the Mozilla Security Blog for details. Please report affected sites as the blockers of Bug 1085138.