BL > ...and don't intend to fix their broken ECDSA support in Safari.
Apple really needs to fix their engineering process and broken
implementation. (And hire some QA personnel while they are at it...
This is something their lawyers can't fix with a change to their
license agreements).

Will the patch be applied to 0.9.8 and 1.0.1 branches?

If I can't wait for the patch in future stable releases (or don't want
to use SSL_OP_SAFARI_ECDHE_ECDSA_BUG), what are the other options? Can
I use a cipher_list to work around this? For example, can I prefer RSA
and DSS ciphers over ECDSA:

  const char* const PREFERRED_CIPHERS =

    /* TLS 1.2 only */

    /* TLS 1.2 only */


Thanks in advance.
OpenSSL Project                       
Development Mailing List             
Automated List Manager                 

Reply via email to