On Saturday 27 December 2014 10:52:41 Richard Moore wrote: > Hmm, if you set TLS 1.0 you really need to only negotiate TLS 1.0. If not > then if you're connecting to old servers the TLS extensions will lead the > connection to hang. Perhaps what we want is a minimum and maximum version > (though this doesn't map very well to the underlying openssl API).
Why? Let's assume we're this is 2014 today and that any non-broken server has been upgraded to support TLSv1, since SSLv3 is now known to be not as secure. Is the connection hanging still a problem? And even if it is, isn't that an OpenSSL problem, not ours? -- Thiago Macieira - thiago.macieira (AT) intel.com Software Architect - Intel Open Source Technology Center _______________________________________________ Development mailing list Development@qt-project.org http://lists.qt-project.org/mailman/listinfo/development
