On Sat, Aug 16, 2014 at 07:45:43AM +0100, Dominyk Tiller wrote:
> I'm pretty sure I read somewhere in the OpenSSL documentation that the
> recommended default level for compile is level 1, which kills the ssl2
> option, but effectively Homebrew has been building with level 0
> default thus far.
SSLv2 is off by default (excluded by the DEFAULT cipherlist), even
without disabling support for it at compile time.
Security levels are only on the master development branch of OpenSSL,
which has not been officially released. Homebrew users should be
using 1.0.1 or soon 1.0.2 after than is released.
So security levels, whose design IMHO is not yet entirely done,
should not be in the picture at this time.
> Did I completely hallucinate the documentation recommendation of
> default level 1 security or is that actually somewhere?
You may be confusing the master branch with stable releases.
--
Viktor.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majord...@openssl.org
