[squid-dev] Death of SSLv3

Amos Jeffries squid3 at treenet.co.nz
Thu May 7 10:03:56 UTC 2015

Its done. SSLv3 is now a "MUST NOT use" protocol from RFC 7525

It's time for us to start ripping out from trunk all features and hacks
supporting its use. Over the coming days I will be submitting patches to
remove the squid.conf settings, similar to SSLv2 removal earlier.

The exceptions which may remain are SSLv3 features which are used by the
still-supported TLS versions. Such as session resume, and the SSLv3
format of Hello message (though not the SSLv3 protocol IDs).

Christos, if you can keep this in mind for all current / pending, and
future "SSL" work.


More information about the squid-dev mailing list