FlightAware Discussions

SSLv2 and SSLv3 being disabled for FlightXML on Monday Nov 3

We are responding to the vulnerability in the SSLv3 protocol (CVE-2014-3566) commonly referred to as ‘POODLE’ by disabling SSLv3 for all incoming traffic into the FlightAware platform. We are disabling SSLv2 at this time as well.

Any FlightXML applications connecting via HTTPS will need to support TLSv1. If you are connecting via plaintext HTTP, then no changes will be necessary.