Re: Proposal to remove SSL 2.0 support from NSS trunk (NSS 3.13)

2010-08-30 Thread Hanno Böck
On Saturday 28 August 2010, Wan-Teh Chang wrote: SSL 2.0 is an old and insecure protocol. No products should be using SSL 2.0 today. But removing the SSL 2.0 code from NSS has one major benefit to the continual development of NSS's SSL library: it'll make the code base easier to maintain.

RE: Proposal to remove SSL 2.0 support from NSS trunk (NSS 3.13)

2010-08-30 Thread Brian Smith
Hanno Böck wrote: May I make a provocative enhancement proposal? Just remove SSLv3 altogether with it. The reason is bugs like this: https://bugzilla.mozilla.org/show_bug.cgi?id=450280 I think this is unfixable as long as one wants to support SSLv3 (see comment #15), though when using

Re: Using a 'secret' SSL client certificate from Mozilla

2010-08-30 Thread Michael Smith
On Aug 28, 10:08 am, Nelson Bolyard nonelsons...@nobolyardspam.me wrote: On 2010-08-27 16:48 PDT, Michael Smith wrote: We're not really looking for a "couldn't be compromised" solution - this is a requirement from a company we're partnering with, not our idea, and they basically just want

Re: Proposal to remove SSL 2.0 support from NSS trunk (NSS 3.13)

2010-08-30 Thread Wan-Teh Chang
On Mon, Aug 30, 2010 at 8:12 AM, Brian Smith br...@briansmith.org wrote: Wan-Teh Chang wrote: I propose that we remove SSL 2.0 support from the NSS trunk (NSS 3.13). Would this include support for SSLv2-v3 upgrade hellos? I forgot to talk about this issue. We'll need to keep the server-side

Re: Proposal to remove SSL 2.0 support from NSS trunk (NSS 3.13)

2010-08-30 Thread Nelson B Bolyard
On 2010/08/30 17:32 PDT, Wan-Teh Chang wrote: On Mon, Aug 30, 2010 at 8:12 AM, Brian Smith br...@briansmith.org wrote: Wan-Teh Chang wrote: I propose that we remove SSL 2.0 support from the NSS trunk (NSS 3.13). The entire gather logic, by which incoming records are received, could be