Comment 16 for bug 1665151
Revision history for this message
|
|
#16 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
0f7b58d
(Get the code!)
Per my other comment above, it appears SSLProtocol is strongly effected by SSLCipherSuite list.
This means SSLProtocol may or may not have any effect, based on SSLCipherSuite list.
Likely this is a complex fix, which might be accomplished by...
1) process SSLCipherSuite
2) then removed any SSLCipherSuite ciphers based on SSLProtocol setting
Simple to describe. Complex to implement.
Another solution might be to just deprecate the SSLProtocol setting.
This would mean SSLCipherSuite determines protocol selection, which appears to be what's actually occurring.
This would involve, removing all code related to SSLProtocol processing + updating documentation for SSLCipherSuite saying, protocols set derive from SSLCipherSuite list provided.