SSLv2 - do we really need it?
Nick Barcet
nick.barcet at canonical.com
Mon Jul 21 16:42:40 UTC 2008
Kees Cook wrote:
> If we consider such things to be a corner-cases, I would say that
> disabling SSLv2 in openssl makes sense -- we should provide a safe set
> of crypto function by default.
While I fully agree about this on the principle, I would disagree if the
method was to disable this at compile time in OpenSSL. I would consider
a conf file modification acceptable for the corner cases, not a
recompile. I am not sure which method was suggested by Ante to do the
change, though.
Nick
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-server/attachments/20080721/27beca90/attachment.pgp>
More information about the ubuntu-server
mailing list