On Fri, Nov 07, 2014 at 10:58:22PM +0100, Peter Meiser wrote: > Hi Julian, > > looking at your solution for bug #767301, you use TLSv1_client_method() > instead of SSLv3_client_method. > > Why did you use this method instead of SSLv23_client_method()? Because with > SSLv23_client_method, TLS/SSL connection established with this method may > understand the SSLv2, SSLv3, TLSv1, TLSv1.1 and TLSv1.2 protocols and is not > limited to TLSv1. > > Just my thoughts. > Best regards, > Peter
Hi Peter, You are right, I could have used SSLv23_client_method, and that would look nicer. However, AFAICT it would make no difference, as openssl is now configured with no-ssl2 no-ssl3, so SSLv23_client_method will only use TLSv1 anyway. Or am I wrong on this? Julian -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org