On Tuesday, August 27, 2024 at 11:56:44 PM UTC+10 Ian Lance Taylor wrote:
On Mon, Aug 26, 2024 at 10:16 PM Robert Engels <ren...@ix.netcom.com> wrote: > > Hmm. Aren’t the endpoints supposed to negotiate the available cryptographic methods? > > So wouldn’t this affect non Go endpoints as well - which puts the burden back on the side trying to use the latest Go version which is removing some of the methods? > > Making it “if you upgrade to this version of Go you will no longer accept any clients expecting to use TLS” - unless you do X? Yes, that is my understanding. Ian Endpoints negotiate common cipher suites. Change removed cipher suites compatible with clients or servers supporting only a limited set of ciphers. Resulting error is a rather generic TLS handshake error message. Leaves the recipient with little direction to fault find on and makes finding unless you do X difficult. Just to clarify, it is not just Go servers, Go when acting as a client is similarly impacted. Creaky -- You received this message because you are subscribed to the Google Groups "golang-nuts" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/golang-nuts/bacbec30-3268-49ce-87f3-e0bab85166e2n%40googlegroups.com.
