So some time ago when the poodlebleed vulnerability came out in SSL3 we
added a way to set the minimum and maximum SSL/TLS versions the server
would accept (e.g. TLS1.1 <--> TLS1.2). Current versions of NSS
already use this range by default. I would like to remove/deprecate the
sslVersionMin/Max and just use what NSS uses by default (which should be
the system wide crypto policy).
Is anyone actually using sslVersionMin/Max? Do we really have a need
for it anymore?
--
389 Directory Server Development Team
_______________________________________________
389-devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/[email protected]
