Paladin of the Pegasos
Posts: 1340 from 2012/11/10
From: Manchester, UK/GB
Piru wrote: (reply to NewSense thread #929) While jacek already gave you the beef, here are the technical details in case someone really wants to know what happened there. The gist of it is that OpenSSL Team decided to do the following change for OpenSSL 3: [...The security strength of SHA1 and MD5 based signatures in TLS has been reduced...]
In the end the specific code block reducing the security was just disabled. This surgically fixes the issue without need to touch SECLEVEL itself.
I really appreciate you guys (jacadcaps - aka Jacek & Piru - aka Harry) fixing things so they work with inferior security mechanisms. You'd have thought an ISP would have had a better security system understanding, and keep it up to the latest security mechanisms, to access their site seeing as they (PlusNet) are providing broadband services throughout the UK-GB.
MacMini 1.5GHz,64MB VRAM, PowerBooks A1138/9 (Model 5,8/9),PowerMac G5 2.3GHz(DP), iMac A1145 2.1GHz 20", all with MorphOS v3.17,Airport,Bluetooth,A1016 Keyboard,T-RB22 Mouse,DVD-RW-DL,MiniMax,Firewire/USB2 & MacOSX 10.4/5.