On Thu, Oct 16, 2014 at 11:47:32AM +0200, Christoph Anton Mitterer wrote: > Package: openssl > Version: 1.0.1j-1 > Severity: wishlist > > > Hi. > > It seems that SSLv3 (and also v2) are disabled now, which is > first of all of course great for security reasons. > > But AFAICS, it's completely gone, i.e. one cannot even intentionally > enable it. > I mainly have s_client in my mind in order to allow testing. > > Is it somehow possible to still compile it but just don't use it > anywhere per default? Or even better disallow it's use anywhere > but e.g. from s_client?
That seems to be complicated to do, so I think it's unlikely that this is going to happen. Kurt -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
