<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">
<html lang="en">
<head>
<meta content="text/html; charset=US-ASCII" http-equiv="Content-Type">
<title>
GitLab
</title>
<style>img {
max-width: 100%; height: auto;
}
</style>
</head>
<body>
<div class="content">
<p class="details" style="font-style: italic; color: #777;">
<a href="https://gitlab.com/gandaro">gandaro</a> created an issue <a href="https://gitlab.com/gnutls/gnutls/-/issues/1068">#1068</a>:
</p>
<div></div>
<p dir="auto">In the documentation, in Chapter 3.8 "On SSL 2 and older protocols", it says (highlighted by me):</p>
<blockquote dir="auto">
<p>[...] the SSL 3.0 protocol was implemented since it is still the only protocol supported by several servers and <strong>there are no serious security vulnerabilities known.</strong></p>
</blockquote>
<p dir="auto">The first half of the sentence is probably false nowadays, and the statement regarding the security of SSL 3.0 should surely be removed.</p>
<p dir="auto">Maybe the chapter could be replaced by a short paragraph explaining that SSL 2.0 and 3.0 have been deprecated and that 3.0 support is planned to be dropped entirely from GnuTLS in the future. Maybe the elaborate information on SSL 2.0 is also not needed anymore.</p>
</div>
<div class="footer" style="margin-top: 10px;">
<p style="font-size: small; color: #777;">
—
<br>
Reply to this email directly or <a href="https://gitlab.com/gnutls/gnutls/-/issues/1068">view it on GitLab</a>.
<br>
You're receiving this email because of your account on gitlab.com.
If you'd like to receive fewer emails, you can
<a href="https://gitlab.com/-/sent_notifications/25b06f9441e78e335d1c20ee14cb0415/unsubscribe">unsubscribe</a>
from this thread or
adjust your notification settings.
<script type="application/ld+json">{"@context":"http://schema.org","@type":"EmailMessage","action":{"@type":"ViewAction","name":"View Issue","url":"https://gitlab.com/gnutls/gnutls/-/issues/1068"}}</script>
</p>
</div>
</body>
</html>