[Webkit-unassigned] [Bug 140013] New: [SOUP] Disable insecure TLS version negotiation

Wed Dec 31 08:36:27 PST 2014

https://bugs.webkit.org/show_bug.cgi?id=140013

            Bug ID: 140013
           Summary: [SOUP] Disable insecure TLS version negotiation
    Classification: Unclassified
           Product: WebKit
           Version: 528+ (Nightly build)
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebKit2
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: mcatanzaro at igalia.com

Currenly, libsoup performs insecure TLS version fallback, as do major web browsers. This is performed to preserve compatibility with broken servers.

Firefox recently removed this behavior [1], so we should as well. This probably requires changes in libsoup.

[1] https://bugzilla.mozilla.org/show_bug.cgi?id=1084025

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20141231/21af9440/attachment-0002.html>