incubator-ooo-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 119090] Default Encryption Fails for Down-Level Implementations
Date Sun, 25 Mar 2012 23:05:37 GMT
https://issues.apache.org/ooo/show_bug.cgi?id=119090

Pedro Giffuni <pfg@apache.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |pfg@apache.org

--- Comment #24 from Pedro Giffuni <pfg@apache.org> 2012-03-25 23:05:37 UTC ---
I am OK about enforcing higher security by default, however I am concerned on
making the NSS mandatory to interoperate. NSS is Category B software and is
rather outdated (security issues likely). If we make such functionality default
we should use OpenSSL instead but as discussed in the list long ago, someone
will have to provide patches for that.

I think the patch solves the issue without prohibiting  higher encrytion level
so I think its a reasonable option for 3.4 Release.

-- 
Configure bugmail: https://issues.apache.org/ooo/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

Mime
View raw message