Comment 16 for bug 312536

afaict, most NSS things are guarded by SSL_CipherPolicySet/SSL_SetPolicy.
You can disable/enable SSL2, SSL3, I believe even TLS, although I haven't
actually tried to do that.

I was looking around to see how hard it would be to use SSL_CipherPolicySet to
implement this such that people could turn off MD2, MD5, and SHA1 for testing
purposes.

I need to ask someone to explain why we have code which still calls
SSL_SetPolicy even though the api says it's deprecated.