Heads up: Disabling SSL2 support in NSS

Elio Maldonado emaldona at redhat.com
Mon Feb 9 14:43:57 UTC 2015

To all concerned,

Support for ssl2 will be disabled in NSS. Refer to the to the Mozilla page with a list of sites [1] and the fedora bug [2] filed to disable SSL2 at build time. Upstream NSS will disable SSL2 perhaps as early as September of this year. Red Hat has had SSL2 disabled at built time since RHEL-7.0 which was released in the summer of last year. There have been no complaints so far. The plan was originally to disable it in Fedora but that wasn't possible as at that time which was late 2013. Then rhel-7.0 was about to enter beta but fedora 20 was late in the beta stage and it didn't seem prudent to introduce potentially disturbing changes so late in the development cycle. Now we can finally do it and is way in advance of when we may get it from upstream and gives packages maintainers sufficient of lead time to deal with any sites that may still be using SSL2.


[1] https://wiki.mozilla.org/Necko:SSL_v2_Sites
[2] https://bugzilla.redhat.com/show_bug.cgi?id=1189952

More information about the devel mailing list