On Nov 12, Thijs Kinkhorst <th...@debian.org> wrote: > Can you remove SSLv3 from the default list? I do not know the implications wrt clients support. Christian, did you do any tests?
> >> +=item I<tlscompression> > >> +Whether to enable or disable TLS compression support (boolean). The > >> +default is true. > Can we default this to false? This is not really useful because CRIME cannot be exploited over NNTP. -- ciao, Marco
pgp67An6_kVQD.pgp
Description: PGP signature