It's certainly possible to insist on SSLv3 or TLSv1 for SSL
and nothing[*] will break. The client and server will negotiate to
mutually acceptable cipher and protocol level at the point of
This seems to be less painful than I was anticipating... Besides
apache, I had to figure out how to boost the security on IMAP and POP
3 connections. I'm using Courier, so this was pretty simple... just
added the following to the imap and pop ssl config files:
I'm going to resubmit the server... hopefully it will pass this time.
But I wonder why the defaults for Apache and Courier are to accept
SSL 2, if it is so problematical?
firstname.lastname@example.org mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"