On 2012-05-21 06:20, Phil Pennock wrote:
> I'll make it an Exim tunable option as a max clamp and default it to the
> NSS value of 2236.
Great! Good idea to make it tunable. Why repeat NSS's mistakes. I expect
to soon see some other software hitting a similar limit as well, so it
is a good idea that it can be configured down to 1024 when needed,
without recompiling. Someone must have some ridiculously old TLS
implementation in production use.
I was about to file a NSS bug about increasing their hard limit, but
noticed that a bug exists already:
https://bugzilla.mozilla.org/show_bug.cgi?id=636802
It is already more than a year old and nothing has happened. I added my
own comment to it. My past experience with Mozilla bugs is that it can
easily take more than 5 years before anything happens, no matter how
trivial or obviously needed the change is...
Maybe people should file bugs with their OS vendors so that they can
patch this in their packaging while the dinosaur is considering its next
move?
--
Janne Snabb / EPIPE Communications
snabb@??? -
http://epipe.com/