On 23/10/09 17:06 +0200, Hartmut Goebel wrote: > Hi, > > as promised some week ago ;-\ I wrote some requirements specification > for the SSL implementation. > <http://code.google.com/p/tryton/wiki/RequirementsSSL> >
I don't agree with: - The Tryton client must not fall back to non-SSL communication, but deny connection. - The user must be able to request SSL when setting up a connection to the server. SSL is only a configuration on the server side. - The administrator should be able to configure the client in a way hat only SSL connections are allowed and the user is not allowed to change this option. I don't understand. Who is administrator? - Minimum SSL version to be used: SSLv3 Why? It can be just an option on the server side. -- Cédric Krier B2CK SPRL Rue de Rotterdam, 4 4000 Liège Belgium Tel: +32 472 54 46 59 Email: [email protected] Jabber: [email protected] Website: http://www.b2ck.com/
pgpECLu671Gje.pgp
Description: PGP signature
