+1
On Tuesday, April 12, 2016 7:56 AM, Steven R. Feltner
<[email protected]> wrote:
+1
> -----Original Message-----
> From: Phil Sorber [mailto:[email protected]]
> Sent: Sunday, April 10, 2016 8:43 AM
> To: [email protected]; [email protected]
> Subject: Deprecation of SSL v2/3
>
> I'd like to propose that we deprecate SSLv2 and SSLv3 in ATS 6.2.0 and
> remove it in 7.0.0.
>
> Currently our defaults do not enable them and have been that way for about
> a year now. For 6.2.0 I'd like to mark them deprecated in the documentation,
> and then we remove the code for 7.0.0. This will mean that as of 7.0.0 you
> will not be able to enable SSLv2/3 even if your OpenSSL library supports it.
>
> Appreciate any feedback.
>
> Thanks.
