SSLv2 - do we really need it?
James Dinkel
jdinkel at gmail.com
Tue Jul 22 03:07:54 BST 2008
On Mon, Jul 21, 2008 at 11:51 AM, Steve Langasek
<steve.langasek at canonical.com> wrote:
> On Mon, Jul 21, 2008 at 09:28:37AM -0700, Kees Cook wrote:
>
>> If we consider such things to be a corner-cases, I would say that
>> disabling SSLv2 in openssl makes sense -- we should provide a safe set
>> of crypto function by default.
>
> How will users who need SSLv2 support re-enable it?
>
I suppose they could compile from source...
More information about the ubuntu-devel
mailing list