Proposal: environment variable to disable SSLv2/v3/TLSv1.0/etc individually

This idea comes via https://bugzilla.mozilla.org/show_bug.cgi?id=1083767 (which I realize isn't on openssl's rt, but given the enormity of the security problem I hope you'll forgive me). The proposal at that bug is to create an environment variable for NSS to enforce disablement of particular

RE: Proposal: environment variable to disable SSLv2/v3/TLSv1.0/etc individually

It's an interesting idea. I'll chat with the Moz folks. Best we could do is probably early patch to 1.0.2 __ OpenSSL Project http://www.openssl.org Development Mailing List