On Wed, Jun 12, 2013 at 3:49 PM, William A. Rowe Jr. <wr...@rowe-clan.net> wrote: > On Wed, 12 Jun 2013 21:24:31 +0200 > Reindl Harald <h.rei...@thelounge.net> wrote: >> >> well, on Redhat systems in "/etc/sysconfig/httpd" put the line >> "OPENSSL_NO_DEFAULT_ZLIB=1" did disable it before httpd >> offered a option, but IHMO any server software should >> come with as much as secure defaults if they do not hurt > > Nothing special about httpd. That is an OpenSSL flag (a patch > still not adopted upstream AIUI) but it controls default behavior, > not negotiated behavior.
Comment 5 seems to say it controls what the server is willing to negotiate. What contrast were you drawing above? https://bugzilla.redhat.com/show_bug.cgi?id=857051
