[gnutls-devel] disabling SSL 3.0 by default in 3.4.0

Daniel Kahn Gillmor dkg at fifthhorseman.net
Thu Oct 16 00:17:22 CEST 2014


On 10/15/2014 05:40 PM, Peter Williams wrote:
> Some of us still use ssl v2
 [...]
> Dont rush, like lemmings.

we are well past the time that anyone who removes either sslv2 or sslv3
can be accused of "rushing" -- if you have special use cases that enable
you to privately use custom/non-standard protocols in ways that you
think are secure, that's fine.  No one will prevent you from doing that.

But please don't encourage the use of protocols with known problems on
the public 'net, where people need to interoperate with each other over
a known-hostile network.

	--dkg

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 949 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20141015/f857cea6/attachment.sig>


More information about the Gnutls-devel mailing list