--On Tuesday, January 27, 2009 11:16:02 AM +0100 Jan Pechanec 
<Jan.Pechanec at Sun.COM> wrote:

>       we realized that the fix was too aggressive

I could have told you that, and probably should have.  We tried deploying 
such a change back in November and immediately ran into several clients and 
servers that support only CBC-mode ciphers, even before the change made it 
out of alpha testing.  Unfortunately, some of these cannot easily be 
upgraded.  This has led me to strongly favor specifying more than one 
mandatory-to-implement algorithm in future protocols.

-- Jeff
