An interesting read:
http://op-co.de/blog/posts/android_ssl_downgrade/

I wonder if we should just revert that "RI 6 compatibility" commit?

ttyl
bero