[squid-dev] Death of SSLv3
Amos Jeffries
squid3 at treenet.co.nz
Thu May 7 10:03:56 UTC 2015
Its done. SSLv3 is now a "MUST NOT use" protocol from RFC 7525
(<http://tools.ietf.org/html/rfc7525>)
It's time for us to start ripping out from trunk all features and hacks
supporting its use. Over the coming days I will be submitting patches to
remove the squid.conf settings, similar to SSLv2 removal earlier.
The exceptions which may remain are SSLv3 features which are used by the
still-supported TLS versions. Such as session resume, and the SSLv3
format of Hello message (though not the SSLv3 protocol IDs).
Christos, if you can keep this in mind for all current / pending, and
future "SSL" work.
Amos
More information about the squid-dev
mailing list