On Mon, Dec 08, 2014 at 09:16:45AM +0100, Daniel Pocock wrote: > > Hi all, > > I've made some changes to TLS code in reSIProcate > > - setting OpenSSL's SSL_OP_NO_SSLv3 by default when using SSLv23_method()
This has no effect in jessie. SSLv2 and SSLv3 are disabled if you use the SSLv23_* methods. The only way to enable SSLv3 is to use the SSLv3_* methods. You should always use the SSLv23 method as those are the only that support more than 1 protocol version. I would love to see people stopping the SSLv3 methods, and they have been removed in experimental. I'm also working on only having the SSLv23 method available. Kurt -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
