cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS commit

From: Rich Gray <rgray_at_plustechnologies.com>
Date: Wed, 08 Feb 2012 10:43:24 -0500

Daniel Stenberg wrote:
> On Wed, 8 Feb 2012, Yang Tse wrote:
>
>>> CURLSSLOPT_ALLOW_BEAST
>>> --ssl-allow-beast
>>
>> +1
>>
>> 'enable' could be interpreted as if lib/curl itself initiated the BEAST
>> atack.
>
> Yes, I agree that "allow" sounds better than "enable". I'll rename the
> option and if no other objections pop up proceed and push it.
>
> Kamil: maybe you can just adapt your patch after my push and then push yours?

Or to make it uber clear:

CURLSSLOPT_ALLOW_VULNERABILITY_BEAST
--ssl-allow-vulnerability-beast

(If they want to do it, make 'em type!)

- Rich
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2012-02-08

This message: [ Message body ]
Next message: Respaldo de Pedidos: "Protocol https not supported or disabled in libcurl for .aspx site"
Previous message: Daniel Stenberg: "Re: SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS commit"
In reply to: Daniel Stenberg: "Re: SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS commit"
Next in thread: Oscar Koeroo: "Re: SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS commit"
Reply: Oscar Koeroo: "Re: SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS commit"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]