This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author heikki
Recipients heikki
Date 2008-08-19.03:06:15
SpamBayes Score 0.000581115
Marked as misclassified No
Message-id <1219115176.99.0.339604404005.issue3596@psf.upfronthosting.co.za>
In-reply-to
Content
There should be a way to disable SSLv2 since it is insecure. It would be
even better if SSLv2 was disabled out of the box, but maybe there could
be a way to re-enable it.

I made the default to disable SSLv2 in M2Crypto, but those that want it
can explicitly request unsecure connection. You can take a look at
http://svn.osafoundation.org/m2crypto/trunk/M2Crypto/SSL/Context.py to
see how I did it.

Modern web browsers are also removing SSLv2 support from them, so it
should be really rare to actually need v2 anywhere.
History
Date User Action Args
2008-08-19 03:06:17heikkisetrecipients: + heikki
2008-08-19 03:06:16heikkisetmessageid: <1219115176.99.0.339604404005.issue3596@psf.upfronthosting.co.za>
2008-08-19 03:06:16heikkilinkissue3596 messages
2008-08-19 03:06:15heikkicreate