openssl vs. libressl
René J.V. Bertin
rjvbertin at gmail.com
Fri Nov 13 10:09:13 PST 2015
On Friday November 13 2015 09:20:11 Jeremy Huddleston Sequoia wrote:
> They *force* the use of the insecure SSLv2 transport (which was broken years ago and replace with SSLv3, which itself was broken).
Where, how?
> Qt probably doesn't use SSLv2 itself or else that warning would have had a different level of urgency.
>
>It looks like it does.
Again, where?
>Why? What problems are you facing? I've been using Libressl exclusively and haven't seen issues in anything I use.
The problem of serving as a guinea pig with software that still depends on the full openssl API.
More information about the macports-users
mailing list