Message71404
There should be a way to disable SSLv2 since it is insecure. It would be
even better if SSLv2 was disabled out of the box, but maybe there could
be a way to re-enable it.
I made the default to disable SSLv2 in M2Crypto, but those that want it
can explicitly request unsecure connection. You can take a look at
http://svn.osafoundation.org/m2crypto/trunk/M2Crypto/SSL/Context.py to
see how I did it.
Modern web browsers are also removing SSLv2 support from them, so it
should be really rare to actually need v2 anywhere. |
|
Date |
User |
Action |
Args |
2008-08-19 03:06:17 | heikki | set | recipients:
+ heikki |
2008-08-19 03:06:16 | heikki | set | messageid: <1219115176.99.0.339604404005.issue3596@psf.upfronthosting.co.za> |
2008-08-19 03:06:16 | heikki | link | issue3596 messages |
2008-08-19 03:06:15 | heikki | create | |
|