The Wayback Machine - https://web.archive.org/web/20160827004102/https://community.qualys.com/thread/12496
Skip navigation
Error: You don't have JavaScript enabled. This tool uses JavaScript and much of it will not work correctly without it enabled. Please turn JavaScript back on and reload this page.
    1 Reply Latest reply on Feb 26, 2014 3:32 AM by Ivan Ristic

    Apple finally releases patch for BEAST

    BoerenkoolMetWorst Level 1
    BoerenkoolMetWorst Feb 26, 2014 2:51 AM

      Apple has implemented 1/n-1 migitation enabled by default in Safari in the latest OS X 10.9.2 update, so TLS below v1.1 is now also protected.

      If RC4 is used but not with TLS 1.1 and newer, SSL server test does not give a warning/yellow text. Perhaps this can be changed now all major browsers support 1/n-1 record splitting in order to speed up the deprecation of RC4.

       

      EDIT: Would it be possible to update the SSL Client test to check for /n-1 record splitting, so we can check less popular and mobile clients?

        More Like This

        Legend

        • Correct Answers - 10 points
        Morty Proxy This is a proxified and sanitized view of the page, visit original site.