SSLv2 - do we really need it?

Ante Karamatic ivoks at
Sun Jul 27 12:49:26 BST 2008

On Sat, 26 Jul 2008 13:27:52 -0600
Neal McBurnett <neal at> wrote:

> So I'm confused about what Steve said.  I don't fully grok the bug,
> but it sounds to me like there is presumed to be an IBM LDAP product
> out there that can't be connected to because of lack of sslv2 support
> in Ubuntu gnutls.

That bug isn't about the SSLv2.

That client supports newer versions of SSL (cause if you specify SSL3
as a connection protocol connection is established).

Most probably this is a bug in GnuTLS, but unrelated to SSL2. Cause
connecting directly to some servers over SSL3 and/or TLS produces
error in handshake. But connecting to those servers with firefox's NSS
or openssl, there are no problems (connection is established over TLS1).

More information about the ubuntu-devel mailing list