On Thu, 23 Oct 2014 12:34:38 -0400 Richard Stallman <r...@gnu.org> wrote:
RS> I've read that falling back to ssl3 is a real security hole, RS> being exploited frequently. That feature should be removed. That's not really relevant to the bug report, but with GnuTLS you use priority strings to control this. Nikos, the GnuTLS maintainer, asked for feedback on disabling it in the default priority string in the mailing list: http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/7732 If you're using the Emacs GnuTLS integration, you simply set the priority string through `gnutls-algorithm-priority' to what works for you; for example "SECURE256:-VERS-SSL3.0". I'd rather wait for the final decision from the GnuTLS maintainer than change the Emacs default. If you're using the external s_client, you need to customize its invocation accordingly. HTH Ted -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
