With the next release (2.10.7), the win32 Pidgin builds will ship with NSS 1.13.6. This means that win32 users will start running into SSL read error described in the FAQ.
I'm not sure what options there are to prevent it being a problem; it doesn't look like there are any except for disabling NSS_SSL_CBC_RANDOM_IV, which isn't going to be acceptable to do in Pidgin by default.
I figured it might be useful to have a "heads up".
few weeks ago I proposed a patch for libpurple that would allow protocol plugins to set options separately for each SSL connection (right now there is only a flag for disabling SSL_CBC_RANDOM_IV).
Default behavior is not affected, only plugin that really needs it can set specific flags for itself.
Could please somebody upstream have a look at it? There is still possibility for improvements, but at least I'd like to know if the basic idea would be acceptable for some future version of Pidgin.