> On Apr 10, 2016, at 7:42 AM, Phil Sorber <sor...@apache.org> wrote: > > I'd like to propose that we deprecate SSLv2 and SSLv3 in ATS 6.2.0 and > remove it in 7.0.0. > > Currently our defaults do not enable them and have been that way for about > a year now. For 6.2.0 I'd like to mark them deprecated in the > documentation, and then we remove the code for 7.0.0. This will mean that > as of 7.0.0 you will not be able to enable SSLv2/3 even if your OpenSSL > library supports it.
Makes sense to me, +1. — Leif
