Join GitHub today
Disable SSLv3 by default #248
SSLv3 should never be enabled by default, it is considered broken. Thus, please remove it from the default configurations for all plugins that use SSL (irc, relay, and potentially others?)
It should not be necessary to do
To show that this is not just me being crazy and paranoid: Google is disabling fallback to SSLv3 in Chrome 39, and plans on removing it altogether in version 40. See what their security chief said about that.
Somewhat related: #234