Christopher wrote: > A new version of openssl was just released to address some Potential > cryptographic weakness. > > http://isc.sans.org/diary.php?storyid=744 > http://www.openssl.org/news/secadv_20051011.txt > > Hopefully there will be a new version available for TSL sometime during > Comodo Trustix workhours. > > I've already disabled SSLv2 with "!SSLv2" so I think I'm safe, but > wanted to let you know..
iirc, SSLv2 is only used by a few very old webservers, and you have to go back to browsers prior to netscape 4.x to find one without SSLv3 support - so, in my opinion, SSLv2 can safely be removed from most places. - Be aware that I /may/ be wrong -- Morten _______________________________________________ tsl-discuss mailing list [email protected] http://lists.trustix.org/mailman/listinfo/tsl-discuss
