By SecurityWeek News on May 17, 2016 Starting on June 16, 2016, the old SSLv3 and RC4 security protocols will no longer be supported on Google’s SMTP servers and on Gmail’s web servers.
Given the insecure status of both SSLv3 and RC4, Google announced in September last year that it would kill both protocols in its products. On Monday, the company revealed that it is removing support for the two standards in Google SMTP servers and Gmail web servers in 30 days.
Defined in 1996, Secure Sockets Layer (SSL) 3.0 was deemed insecure in 2014, because of the POODLE attack that affects all block ciphers in SSL. Given that the protocol is considered obsolete, the industry is transitioning to the more secure Transport Layer Security (TLS) protocol, currently at version 1.3, which is still a working draft. TLS, however, is also vulnerable to POODLE, researchers believe.
Full Article
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.