On 2010-09-07 06:20 PDT, Konstantin Andreev wrote: > On 08/31/10 05:01, Nelson B Bolyard wrote: >> On 2010/08/30 17:32 PDT, Wan-Teh Chang wrote: >>> I propose that we remove SSL 2.0 support from the NSS trunk (NSS >>> 3.13). >> [... skip ...] >> >> It's something I wanted to do for YEARS, but for as long as I was >> employed to work on NSS, I was told that continued support for SSL2 was >> an ongoing business requirement. I am sad that the opportunity to make >> those simplifications did not come along until it was too late for me. > > Hello, Nelson. > > Do I understand right, - the current product (NSS) owner (Mozilla > Foundation ?) has no certain opinion regarding SSLv2 support ?
For years, NSS has been a collaboratively owned project, without any one collaborator being viewed at the exclusive, or even primary, owner. Today, the companies that continue to make significant contribution to NSS, either with development staff, or with IT support (servers of various kinds), or both, include Google, Red Hat, Oracle (formerly Sun), and Mozilla. The people whom I regard as the present NSS module owners are Bob and Wan-Teh, from Red Hat and Google, respectively. Regarding the companies who have sponsored the project in various ways: - Apparently Google (as represented by Wan-Teh) favors removing SSL2 support. - I do not know what position Red Hat has on this. (Bob?) - I believe Mozilla would not object at all, since they have disabled SSL2 support in their clients, but they provide only IT support. - When I worked at Sun (now Oracle), they believed they had ongoing obligations to support SSL2 for some of their customers. I imagine they will attempt to support those customers with a LOOOONG lived NSS 3.12 branch, and hence may not object to removing SSL2 from 3.13. But that's pure speculation on my part. (I hope Oracle's remaining NSS developer will speak to this here.) -- /Nelson Bolyard (speaking only for myself) -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
