Re: Disable SSL2 and SSL3 in ssl.el?

Hi Stephen, xemacs-beta, On Sat, Nov 22, 2014 at 6:03 AM, Stephen J. Turnbull <stephen(a)xemacs.org&gt; wrote: Then why don't you make an informed decision? In Chrome, SSL3 will be disabled in version 39, and gone completely in 40, according to this: https://groups.google.com/a/chromium.org/forum/#!topic/security-dev/Vnhy9... Firefox will disable SSL3 by default starting with version 34; see https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-en... Apple released security update to Safari; see http://support.apple.com/en-us/HT203107 Opera as of version 25 has countermeasures; see http://blogs.opera.com/security/2014/10/security-changes-opera-25-poodle-... Some websites that already don't speak ssl3: www.microsoft.com www.apple.com www.hp.com And neither does my bank. SSL3 is almost 18 years old, and the world is moving on. Why do you want to hold ssl.el back? In the end, I really don't care if you want a patch or not; I can do this for myself. Johann _______________________________________________ XEmacs-Beta mailing list XEmacs-Beta(a)xemacs.org http://lists.xemacs.org/mailman/listinfo/xemacs-beta