If Frank doesn't want SSLv2 then he needs to disable it in the SSL_CTX first, no?
The mechanism to say what ciphers you want is orthogonal to the mechanism to say what protcols you want. That's unfortunate and a source of confusion, but is unlikely to change any time soon. -- Principal Security Engineer Akamai Technologies, Cambridge MA IM: rs...@jabber.me Twitter: RichSalz :��I"Ϯ��r�m���� (����Z+�7�zZ)���1���x��h����W^��^��%�� ��&jם.+-1�ځ��j:+v�������h�