[openssl-dev] [openssl.org #3728] Question: does "sslv3" in log mean we're using SSLv3?
Viktor Dukhovni
openssl-users at dukhovni.org
Sun Mar 8 04:01:40 UTC 2015
On Sat, Mar 07, 2015 at 09:56:36AM -0800, Daniel Kahn Gillmor wrote:
> > No. These are just the names of internal functions. Originally written when it
> > was just a choice of ssl2 or ssl3 they were subsequently reused for TLS - but
> > the names have remained the same.
>
> Is there a plan to change this in any subsequent release? This kind of
> misleading debugging information seems likely to confuse people. I
> understand that knowledgable users and developers might be used to
> seeing these exact strings, but fixing them to provide correct
> information is probably better for the entire community in the
> long-term.
I don't see sufficient benefit from such an exercise. It requires
retooling any log parsers that already grok the current messages.
There are far more important issues to address with the few cycles
at hand. Some day, when SSL3 is no longer support at all, and the
OpenSSL code base is clean and easy to maintain, we can worry about
cosmetic issues of this sort...
--
Viktor.
More information about the openssl-dev
mailing list