Re: sslv2 and openssl 1.0
On Sun, 03 Apr 2011 at 02:52:17 +0200, Jérémy Lal wrote:
> People might complain about old sslv2 clients in case the
> packaged software is a server (telepathy-*, web servers)
For the record, the various Telepathy daemons typically act as SSL clients
(where their various protocols support SSL at all), rather than SSL servers;
for instance, telepathy-gabble not supporting SSLv2 would only be a problem
if connecting to a SSLv2-only XMPP server.
Current work on end-to-end encryption is likely to involve tunnelling TLS
through IM protocols, but I'd expect that to be TLS 1.0 rather than anything
older.
S
Reply to: