What would that accomplish? Downgrade attacks are bad and the point is to enable this unconditionally. Part of the calculation of the timing of this patch is that it's early enough in the cycle (I waited until just after 0.842 became stable) that if this approach proves too aggressive, it can be adjusted.
-- You received this bug notification because you are a member of Dcplusplus-team, which is subscribed to DC++. https://bugs.launchpad.net/bugs/1308290 Title: Require TLS 1.2 connections for ADCS Status in DC++: New Bug description: The same patch attached can be found at http://pastie.org/pastes/8760328 from two months ago. It's the resolution to https://dcpp.wordpress.com/2013/09/20/beast-crime- breach-and-lucky-13-assessing-tls-in-adcs/ This is meant as a trial patch: easy to add, and if it causes irresolvable problems, easy to remove without affecting much else. To manage notifications about this bug go to: https://bugs.launchpad.net/dcplusplus/+bug/1308290/+subscriptions _______________________________________________ Mailing list: https://launchpad.net/~linuxdcpp-team Post to : linuxdcpp-team@lists.launchpad.net Unsubscribe : https://launchpad.net/~linuxdcpp-team More help : https://help.launchpad.net/ListHelp
