On Thu, 23 Oct 2014 20:00:08 +0200 Florian Weimer <[email protected]>
wrote:
> * Richard Stallman:
> 
> > I've read that falling back to ssl3 is a real security hole,
> > being exploited frequently.  That feature should be removed.
> 
> GNUTLS automatically and securely upgrades to a TLS protocol if
> supported by the server.  Dropping SSL 3.0 support altogether will
> only encourage unencrypted connections instead.

I disagree. It will encourage people to upgrade from a flawed
protocol to one that works. Many people running servers are utterly
unaware that there's anything wrong with what they're using right now
-- if you leave in support forever, they'll never figure it out.

Perry
-- 
Perry E. Metzger                [email protected]

