Join GitHub today
GitHub is home to over 20 million developers working together to host and review code, manage projects, and build software together.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
Already on GitHub? Sign in to your account
SSL 3.0 Should Be Disabled; TLS 1.0 Should Be Minimum Version #612
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
harding commentedOct 20, 2014
According to Netcraft, Bitcoin.org allows SSL 3.0 connections but these connections are vulnerable to the recently-disclosed POODLE MITM attack.
I recommend setting the server's minimum protocol to TLS 1.0 as outlined in the above article. I think this is the documentation for the correct config setting.