Yes, nefarious types would eventually figure it out, but we probably shouldn't lay out the red carpet for them either...:)
R. -----Original Message----- From: [EMAIL PROTECTED] on behalf of William A. Rowe, Jr. Sent: Thu 8/10/2006 3:44 PM To: openssl-users@openssl.org Subject: Re: CHecking the version of OpenSSL Randy Turner wrote: > I would probably consider the publishing of the openssl version on the web > server announcment message as a security issue. And some of us would laugh in your general direction ;-) Exploiters don't need to know, they can just persist till they find a known exploit. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]