> > If we have another vote supporting only the -SSLv2 / default ciphers > > bits from rjung's proposed patch to httpd.conf.in - then I'm also > > happy to kill SSLv2 from the default config of this final tarball. > > I've gone ahead and created a patch of that small subset for > > consideration in http://people.apache.org/~wrowe/2.0-ssl-noV2.patch
I realized that the ~rjung patch was missing the indicated MSIE changes, and the ssl how-to docs disagreed with the new config, it seems both of those patches has slipped from his changeset. I've re-proposed the patch with those two additional changes, and would appreciate a quick once-over to confirm it all looks good. The CHANGES patch is probably more illuminating to reviewers than the STATUS entry itself. TIA, Bill
