+1 > On Apr 10, 2016, at 8:42 AM, Phil Sorber <sor...@apache.org> wrote: > > I'd like to propose that we deprecate SSLv2 and SSLv3 in ATS 6.2.0 and > remove it in 7.0.0. > > Currently our defaults do not enable them and have been that way for about > a year now. For 6.2.0 I'd like to mark them deprecated in the > documentation, and then we remove the code for 7.0.0. This will mean that > as of 7.0.0 you will not be able to enable SSLv2/3 even if your OpenSSL > library supports it. > > Appreciate any feedback. > > Thanks.
- Deprecation of SSL v2/3 Phil Sorber
- Re: Deprecation of SSL v2/3 Leif Hedstrom
- Re: Deprecation of SSL v2/3 Theo Schlossnagle
- Re: Deprecation of SSL v2/3 Igor Galić
- Re: Deprecation of SSL v2/3 Uri Shachar
- Re: Deprecation of SSL v2/3 Masaori Koshiba
- Re: Deprecation of SSL v2/3 Dave Thompson
- Re: Deprecation of SSL v2/3 xuchao
- Re: Deprecation of SSL v2/3 Dave Thompson
- RE: Deprecation of SSL v2/3 Steven R. Feltner
- Re: Deprecation of SSL v2/3 Sudheer Vinukonda
- Re: Deprecation of SSL v2/3 Yongming Zhao
- Re: Deprecation of SSL v2/3 Phil Sorber
