Forum Discussion

Nimbostratus

Dec 10, 2014

POODLE Again - Can't apply Perfect Forward Secrecy (PFS) after applying !SSLv3:RC4-SHA

Hi, I had "ECDHE:NATIVE:!MD5:!EXPORT:!DES:!DHE:!EDH:!RC4:!SSLv3", in my cipher string and my rating was A+. With the New POODLE Vulnerability threat and receiving the error from SSL Lab Th...

SIRT

Feb 17, 2015

The only ciphers on BIG-IP that are NOT subject to TLS POODLE are RC4 and, post 11.5.0, AES-GCM. All other ciphers are CBC and therefore vulnerable unless you upgrade to a patched version. You can't use any other cipher without getting the 'F' grade, so upgrading to a patched version is the right move.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)