Tuesday October 14, 2014

Maintenance

SSLv3 disabled

We've removed support for the SSLv3 protocol from all of Slack's secure services in response to today's disclosure of the POODLE vulnerability. This change keeps your Slack conversations private no matter how you access Slack: Through your browser, using the Slack app on any platform, or through our IRC and XMPP gateways. All of Slack's supported clients support at least TLS 1.0 so we anticipate you'll have no trouble continuing to use Slack after this change.

You can read more about POODLE on <a href="http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html">Google's Online Security Blog</a>.

11:38 PM PST

Status

Maintenance