Its done. SSLv3 is now a "MUST NOT use" protocol from RFC 7525 (<http://tools.ietf.org/html/rfc7525>)
It's time for us to start ripping out from trunk all features and hacks supporting its use. Over the coming days I will be submitting patches to remove the squid.conf settings, similar to SSLv2 removal earlier. The exceptions which may remain are SSLv3 features which are used by the still-supported TLS versions. Such as session resume, and the SSLv3 format of Hello message (though not the SSLv3 protocol IDs). Christos, if you can keep this in mind for all current / pending, and future "SSL" work. Amos _______________________________________________ squid-dev mailing list squid-dev@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-dev