[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Dropping support for openssl 0.9.6?
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello!
> Hi folks,
>
> We're thinking about dropping support in Tor for openssl 0.9.6.
>
> (It appears that 0.9.6 was last patched in 2004, meaning it's probably
> quite insecure now.)
Dropping support might be a good idea then.
> Does anybody here still rely on it? Or do you know any common platforms
> that do? Speak up now if this matters to you. :)
No. 0.9.8f!
> We'll probably do a two-stage deprecation, where in the first stage
> new Tors refuse to build with it but still accept connections to/from
> Tors that use it, and in the second stage we assume that it no longer
> exists anywhere.
>
> --Roger
Sounds OK.
Best regards,
Stefan
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFHINIvgs5mTaoGZecRAvXZAJ0RRC2KL3DlRnYEDAlSbl99x0wfDACeLEWw
mmJoN1iYPmKrsb5T+mrX0kE=
=SVyv
-----END PGP SIGNATURE-----