SSLv2 - do we really need it?

Scott Kitterman ubuntu at
Sun Jul 27 17:09:50 UTC 2008

On Sunday 27 July 2008 07:49, Ante Karamatic wrote:
> On Sat, 26 Jul 2008 13:27:52 -0600
> Neal McBurnett <neal at> wrote:
> > So I'm confused about what Steve said.  I don't fully grok the bug,
> > but it sounds to me like there is presumed to be an IBM LDAP product
> > out there that can't be connected to because of lack of sslv2 support
> > in Ubuntu gnutls.
> That bug isn't about the SSLv2.
> That client supports newer versions of SSL (cause if you specify SSL3
> as a connection protocol connection is established).
> Most probably this is a bug in GnuTLS, but unrelated to SSL2. Cause
> connecting directly to some servers over SSL3 and/or TLS produces
> error in handshake. But connecting to those servers with firefox's NSS
> or openssl, there are no problems (connection is established over TLS1).

Does GnuTLS support SSLv2 and if so, we ought to kill it there too.

Scott K

More information about the ubuntu-server mailing list