[gnutls-devel] GnuTLS | Outdated information on SSL 3.0 in documentation (#1068)

Read-only notification of GnuTLS library development activities gnutls-devel at lists.gnutls.org
Mon Aug 17 20:12:21 CEST 2020




gandaro commented:


I am not sure what the best option would be, therefore I am not submitting a patch yet, and rather suggest something.

Possibly you could delete chapter 3.8 and replace it by a footnote in chapter 2, where it says:

> Technically GnuTLS is a portable ANSI C based library which implements the protocols ranging from SSL 3.0 to TLS 1.3 (see Introduction to TLS, for a detailed description of the protocols), accompanied with the required framework for authentication and public key infrastructure. Important features of the GnuTLS library include:
> 
> * Support for TLS 1.3, TLS 1.2, TLS 1.1, TLS 1.0 and optionally SSL 3.0 protocols.

The footnote could be:

> SSL 2.0 and SSL 3.0 are considered broken [RFC6176] [RFC7568]. Therefore these should not be used. SSL 3.0 support is expected to be completely removed from GnuTLS in the near future.

I am not sure if you would like that. Alternatively, one could rewrite chapter 3.8 to be a chapter on the "History of GnuTLS." Or a general chapter on the different protocol versions there are. Then it would fit in with the rest of chapter 3 (Introduction to TLS). I wouldn't feel qualified to write either of these, though.

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1068#note_397279426