Do we still need sslVersionMax/sslVersionMin?
by Mark Reynolds
So some time ago when the poodlebleed vulnerability came out in SSL3 we
added a way to set the minimum and maximum SSL/TLS versions the server
would accept (e.g. TLS1.1 <--> TLS1.2). Current versions of NSS
already use this range by default. I would like to remove/deprecate the
sslVersionMin/Max and just use what NSS uses by default (which should be
the system wide crypto policy).
Is anyone actually using sslVersionMin/Max? Do we really have a need
for it anymore?
--
389 Directory Server Development Team
3 years, 8 months
