SSLv2 - do we really need it?

Nick Barcet nick.barcet at
Mon Jul 21 16:42:40 UTC 2008

Kees Cook wrote:
> If we consider such things to be a corner-cases, I would say that
> disabling SSLv2 in openssl makes sense -- we should provide a safe set
> of crypto function by default.

While I fully agree about this on the principle, I would disagree if the
method was to disable this at compile time in OpenSSL.  I would consider
a conf file modification acceptable for the corner cases, not a
recompile.  I am not sure which method was suggested by Ante to do the
change, though.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the ubuntu-server mailing list