Yoav Nir <ynir.i...@gmail.com> wrote: |> On Dec 9, 2014, at 1:24 PM, Steffen Nurpmeso via RT <r...@openssl.org> \ |> wrote: |> "Salz, Rich" <rs...@akamai.com> wrote: |>|I think magic names -- shorthands -- are a very bad idea. \ |> |> I _completely_ disagree. |> |>| They are point-in-time statements whose meaning evolves, \ |>|if not erodes, over time. |> |> Because i don't think that a normal user, or even normal |> administrators and programmers is and are willing or even capable |> to understand what they are doing.
|decision than most administrators. Nevertheless, if upgrading \ |OpenSSL from version X to version Y causes a ciphersuite (or \ |TLS version) to be dropped into VULNERABLE, there are going \ |to be angry phone calls from users whose browser or application \ |has stopped working. It is the administrator who is going \ Applications don't need to use -VULNERABLE/+SECURE. Heck, the monster ones have become so intransparent that i have to place such an enormous trust into them that i only use one, Firefox, but that does terrible things and there is no knob that i can toggle wheresoever. (I've used Opera for over a decade and am very new to Firefox: i'm pretty sure there is some kind of registry that experienced users can tweak. But still: certainly neither in the Advanced nor the Security Tab.) _How_ i would appreciate being able to enter -VULNERABLE in some text field. And have a nicer and easier exception handling, too. Can be imagined. --steffen _______________________________________________ openssl-dev mailing list openssl-dev@openssl.org https://mta.opensslfoundation.net/mailman/listinfo/openssl-dev