On 12 February 2016 at 21:29, Salz, Rich <[email protected]> wrote: > > > Well, it would be a major compatibility break for 1.0.2 and earlier, so > no go > > there. As for 1.1.0, folks > > Or those who trust us to say what HIGH means should, well, not be lied to. > > Something must be changed for 1.1 Either 3DES moves out of HIGH or the > definition of HIGH as documented in the manpage must change. > > ​Personally I think the fact that HIGH includes ciphersuites that offer no MITM protection means that those who trust it have already been totally betrayed.
Rich. ​
-- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
