https://issues.apache.org/ooo/show_bug.cgi?id=119090
Pedro Giffuni <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #24 from Pedro Giffuni <[email protected]> 2012-03-25 23:05:37 UTC --- I am OK about enforcing higher security by default, however I am concerned on making the NSS mandatory to interoperate. NSS is Category B software and is rather outdated (security issues likely). If we make such functionality default we should use OpenSSL instead but as discussed in the list long ago, someone will have to provide patches for that. I think the patch solves the issue without prohibiting higher encrytion level so I think its a reasonable option for 3.4 Release. -- Configure bugmail: https://issues.apache.org/ooo/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
