Drop support for SSL 2.0, SSL 3.0 and TLS1.0 in the reference TLS implementation shipped with YottaDB
Final Release Note
The encryption plugin shipped with YottaDB, which uses OpenSSL for TLS for replication and SOCKET devices) does not support SSL 2.0, SSL 3.0 and TLS 1.0 as these are vulnerable to cryptographic attacks (e.g., POODLE). The plugin continues to support the TLS 1.1 and TLS 1.2 protocols. [#375 (closed)]
Description
These versions are vulnerable to the POODLE attack. The reference TLS implementation will continue to support TLS 1.1 and TLS 1.2.
Draft Release Note
The YottaDB reference TLS implementation (that ships with the encryption plugin and uses OpenSSL for TLS replication and/or TLS-enabled sockets) no longer supports SSL 2.0, SSL 3.0 and TLS 1.0 as these are long known to be vulnerable to cryptographic attacks. It will continue to support the TLS 1.1 and TLS 1.2 protocols.