SSL/TLS security upgrades vs. older browsers

We have updated the OpenSSL installations on all CSAIL Debian machines, including the official CSAIL Web servers, to address a security hole in the SSL/TLS protocols.

The following browsers will be unable to access certificate-protected Web sites on the servers courses, groups, mit-only, people, and projects:

Broken browser Suggested solution
Iceweasel on CSAIL Debian, version 3.0.x See section 2 of DebianUpgrades20101012, or email help.
Firefox versions below 3.5.9 (and 3.6.x below 3.6.2) Upgrade to Firefox 3.6 and make sure Help -> Check for Updates functions properly
Internet Explorer (versions unclear) Upgrade Internet Explorer, apply security bulletin MS10-049 = KB980436, and/or check your Automatic Update settings
Safari and Chrome on Mac OS (all versions) Not yet patched (bug in OS libraries)
(other browsers) (see http://www.phonefactor.com/sslgap/ssl-tls-authentication-patches )

If you still can't connect, please check whether your CSAIL certificate has expired. See: CertificatesIntro.
Topic revision: 03 Feb 2012, ArthurProkosch
 

MIT Computer Science and Artificial Intelligence Laboratory

 

  • About CSAIL
  • Research
  • News + Events
  • Resources
  • People

This site is powered by Foswiki MIT: Massachusetts Institute of Technology