Comment 4 for bug 1381537

I had a quick discussion with mdeslaur (security team) on #ubuntu-hardened.

He's not prepared to push changes which just turn SSLv3 off, since that would break clients. But he is prepared to sponsor security patches that add it as an option, so that users can opt to turn SSLv3 off after they've got the security update.