Re: [Bug-wget] SSL Poodle attack

bug-wget

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bug-wget] SSL Poodle attack

From:	Daniel Stenberg
Subject:	Re: [Bug-wget] SSL Poodle attack
Date:	Thu, 16 Oct 2014 00:20:43 +0200 (CEST)
User-agent:	Alpine 2.00 (DEB 1167 2008-08-23)

On Wed, 15 Oct 2014, Daniel Kahn Gillmor wrote:

I agree that OpenSSL has traditionally been too conservative. I'm arguingthat if we're going to set anything other than the default, we should makeour changes as *relative* changes rather than specifying something absolute,so that wget can get any improvements that OpenSSL makes to the defaultwithout having to rebuild wget itself.


Ah right, sorry for that detour. This sounds like a sensible approach indeed.

--

 / daniel.haxx.se

[Prev in Thread]

Current Thread

[Next in Thread]

[Bug-wget] SSL Poodle attack, Tim Rühsen, 2014/10/15
- Re: [Bug-wget] SSL Poodle attack, Petr Pisar, 2014/10/15
  - Re: [Bug-wget] SSL Poodle attack, Tim Rühsen, 2014/10/15
    - Re: [Bug-wget] SSL Poodle attack, Daniel Kahn Gillmor, 2014/10/15
    - Re: [Bug-wget] SSL Poodle attack, Daniel Stenberg, 2014/10/15
    - Re: [Bug-wget] SSL Poodle attack, Daniel Kahn Gillmor, 2014/10/15
    - Re: [Bug-wget] SSL Poodle attack, Daniel Stenberg <=
    - Re: [Bug-wget] SSL Poodle attack, Tim Rühsen, 2014/10/16
    - [Bug-wget] [PATCH] V2 removed 'auto' SSLv3 also from OpenSSL code, Tim Rühsen, 2014/10/16
    - Re: [Bug-wget] [PATCH] V2 removed 'auto' SSLv3 also from OpenSSL code, Giuseppe Scrivano, 2014/10/19
    - Re: [Bug-wget] [PATCH] V2 removed 'auto' SSLv3 also from OpenSSL code, Tim Rühsen, 2014/10/19

Prev by Date: Re: [Bug-wget] SSL Poodle attack
Next by Date: Re: [Bug-wget] Issue with --content-on-error and --convert-links
Previous by thread: Re: [Bug-wget] SSL Poodle attack
Next by thread: Re: [Bug-wget] SSL Poodle attack
Index(es):
- Date
- Thread