SSLv2 - do we really need it?

James Dinkel jdinkel at
Tue Jul 22 02:07:54 UTC 2008

On Mon, Jul 21, 2008 at 11:51 AM, Steve Langasek
<steve.langasek at> wrote:
> On Mon, Jul 21, 2008 at 09:28:37AM -0700, Kees Cook wrote:
>> If we consider such things to be a corner-cases, I would say that
>> disabling SSLv2 in openssl makes sense -- we should provide a safe set
>> of crypto function by default.
> How will users who need SSLv2 support re-enable it?

I suppose they could compile from source...

More information about the ubuntu-server mailing list