Bitcoin Forum
Topic: SSL Versions?  (Read 2174 times)
fireduck (OP)
February 26, 2015, 10:37:28 PM
 #1

I have a question about SSL versions.

I have a Java Electrum server, and with new versions of the JVM it doesn't allow connections using SSLv2 or SSLv3.

Here is a summary of what versions exist:
http://en.wikipedia.org/wiki/Transport_Layer_Security#Cipher

In short, for security reasons it would be good to go to TLSv2 as soon as is reasonable.

Before I go on, I should note that this has nothing to do with the security of your bitcoin, your keys or your seed.  All the SSL link is protecting is the privacy of which addresses you ask an Electrum server about.  This isn't super important because we are mostly using self-signed certs and these connections could be man-in-the-middled already.

So anyways, existing clients can't connect to my servers via SSL since the Java SSL implementation wants some flavor of TLS now.

The client Python code does:
ssl.wrap_socket(s, ssl_version=ssl.PROTOCOL_SSLv23, ...


In new versions of Python, SSLv23 doesn't mean SSLv2 or 3 only, it actually means anything not SSLv1.  So after people start running newer Python, this setting of SSLv23 will be fine.

However it probably would be better to call for PROTOCOL_TLSv1_2 at some point.

So really nothing needs to be done.  In my testing it looks like some of the existing Python Electrum servers support TLS 1.2 already.



Bitrated user: fireduck.
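
As an added example (not part of fireduck's post and not Electrum's code), here is how a current Python client can keep the negotiate-the-best-version behaviour of `PROTOCOL_SSLv23` while enforcing a TLS 1.2 floor; it uses `SSLContext` because `ssl.wrap_socket` was removed in Python 3.12. The function names and the host and port passed to `open_tls` are assumptions, and certificate verification is disabled only to mirror the self-signed setup described in the post.

```python
import socket
import ssl

# Concrete protocol versions, oldest first, with the flag that says whether
# the OpenSSL this interpreter is linked against supports each one.
_VERSIONS = [
    (ssl.TLSVersion.SSLv3, ssl.HAS_SSLv3),
    (ssl.TLSVersion.TLSv1, ssl.HAS_TLSv1),
    (ssl.TLSVersion.TLSv1_1, ssl.HAS_TLSv1_1),
    (ssl.TLSVersion.TLSv1_2, ssl.HAS_TLSv1_2),
    (ssl.TLSVersion.TLSv1_3, ssl.HAS_TLSv1_3),
]


def make_client_context(floor=ssl.TLSVersion.TLSv1_2):
    """Auto-negotiating client context that refuses anything below `floor`."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.minimum_version = floor
    # Assumption: the server presents a self-signed certificate, as in the
    # post, so chain validation is off and the link can still be intercepted.
    ctx.check_hostname = False  # must be cleared before verify_mode is relaxed
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def offered_versions(ctx):
    """Names of the protocol versions this context can negotiate."""
    lo, hi = ctx.minimum_version, ctx.maximum_version
    names = []
    for version, built_in in _VERSIONS:
        below = lo != ssl.TLSVersion.MINIMUM_SUPPORTED and version < lo
        above = hi != ssl.TLSVersion.MAXIMUM_SUPPORTED and version > hi
        if built_in and not below and not above:
            names.append(version.name)
    return names


def open_tls(host, port, ctx, timeout=10):
    """Connect and return (tls_socket, negotiated_version_string)."""
    raw = socket.create_connection((host, port), timeout=timeout)
    try:
        tls = ctx.wrap_socket(raw, server_hostname=host)
    except Exception:
        raw.close()  # handshake failed, e.g. the server only speaks SSLv3
        raise
    return tls, tls.version()


if __name__ == "__main__":
    print(offered_versions(make_client_context()))
```

Calling `open_tls` against a server that offers nothing at or above the floor raises `ssl.SSLError` during the handshake instead of silently falling back to an older protocol.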