[exim-dev] SSLv2 and Exim 4.80

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
M 
MTed Cooper at ->
Delete this message
Reply to this message
Author: Phil Pennock
Date:  
To: exim-dev
Subject: [exim-dev] SSLv2 and Exim 4.80
Crap! I'd meant to disable SSLv2 by default for Exim 4.80, per RFC
6176, "Prohibiting Secure Sockets Layer (SSL) Version 2.0". I asked on
mailops@, got stats, confirmed that SSLv3 is still around (but fading)
and SSLv2 is gone. Completely gone.

I see my openssl_disable_ssl2 branch only exists locally. Grr. Forgot
about it!

This is important, we've already got the "breaking some backwards
compatibility" release, and AFAICT, SSLv2 is unused. In addition, note
that GnuTLS does not support, and never has supported, SSLv2.

I am going to pull in the feature, test, but probably not cut RC7 just
for this.

-Phil

This message was posted to the following mailing lists:
Exim-dev
Mailing List Info | Nearby Messages		<-Re: [exim-dev] 4.80 final?Re: [exim-dev] SSLv2 and Exim 4.80->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)