On Fri, Nov 07, 2014 at 10:58:22PM +0100, Peter Meiser wrote:
> Hi Julian,
> 
> looking at your solution for bug #767301, you use TLSv1_client_method() 
> instead of SSLv3_client_method.
> 
> Why did you use this method instead of SSLv23_client_method()? Because with 
> SSLv23_client_method, TLS/SSL connection established with this method may 
> understand the SSLv2, SSLv3, TLSv1, TLSv1.1 and TLSv1.2 protocols and is not 
> limited to TLSv1.
> 
> Just my thoughts.
> Best regards,
> Peter

Hi Peter,

You are right, I could have used SSLv23_client_method, and that would
look nicer.  However, AFAICT it would make no difference, as openssl
is now configured with no-ssl2 no-ssl3, so SSLv23_client_method will
only use TLSv1 anyway.

Or am I wrong on this?

   Julian


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Reply via email to