Edmund Wong wrote: > It is also not likely that we'd set the update system to use > SSLv3 or TLSv1 (thanks to Heartbleed, Poodle, and whatever > else) and set to a lower cypher set.
Despite the attacks listed I believe supporting TLSv1 with a very limited cypher set should be possible. Even SM 1.1.x does support ecdhe_ecdsa_aes and ecdhe_rsa_aes. Since these cyphers are enabled by default supporting them with TLSv1 on the server should be fine. Regards, Gunther _______________________________________________ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey