Florian Weimer <fwei...@redhat.com>:

> The purpose of the option is to make totally broken applications a bit less
> secure (when they happen to certain servers).

I'd claim it's meant to make totally broken applications a bit *more* secure :-)

> From my point of view, there is only one really good reason to have this
> client-side option—so that you can test the server-side support. That's
> why I implemented it for OpenJDK as well. Applications should *never* use
> it because it does not really solve anything. If you have fallback code,
> your application is still insecure.

Right, ideally testing will be the only use of this option.

Bodo