On Sat, May 30, 2020 at 3:22 PM William Lallemand <[email protected]> wrote:
>
> On Sat, May 30, 2020 at 08:41:04PM +0200, William Lallemand wrote:
> > On Sat, May 30, 2020 at 02:04:56PM -0400, Joseph C. Sible wrote:
> > >
> > > I'm happy about this change, but I notice a flaw in its
> > > implementation: it looks like servers that specify "ssl-max-ver
> > > TLSv1.0" or "ssl-max-ver TLSv1.1" without specifying ssl-min-ver would
> > > previously have disallowed SSLv3, but will now allow it. (I hope this
> > > case doesn't actually exist anywhere in practice, but if it does for
> > > some reason, we probably don't want to make them even less secure.)
> > >
> > > Joseph C. Sible
> >
> > Hello Joseph,
> >
> > No changes were made for server lines, we were only talking about bind
> > lines here. There was never a default minimum on server lines.
> >
> > On bind lines, indeed, if you set a maximum which is lower than the
> > default min, the default min won't be used. This was already the case
> > previously in fact, but the default was TLSv1.0 so it was less of a
> > problem.
> >
> > What I suggest is to display a warning if it happens, so people don't have
> > any surprise.
> >
> > What do you think?
>
> Actually I think in this case it's safer to fall back on min = max and to
> display the warning.
Ah, I was being a bit imprecise. I was using "servers" in the sense of "HAProxy load balancer servers" in general, not "server lines". Anyway, when max < TLSv1.2, I think we should make min default to max. I think this is what you mean by "fallback on min = max", but I'm not 100% sure. I don't mind the warning (since servers shouldn't ever have the max below TLSv1.2 today), but at the same time, I don't really see much value in it either.

Joseph C. Sible
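The following Python is an added illustration written for this page, not code from the thread or from HAProxy itself. It models the two behaviours being discussed as William describes them: a bind line gets a default minimum version (assumed here to be TLSv1.2 after the change, TLSv1.0 before it), a configured ssl-max-ver below that default silently drops the minimum, and server lines have no default minimum at all. It also models the proposed fix (fall back to min = max and warn) so the two can be compared on the same configuration lines. The version table, the default values and the sample bind/server lines are assumptions constructed for the example.

```python
"""Model of the ssl-min-ver / ssl-max-ver defaulting discussed in the thread.

Illustration only, not HAProxy's implementation. It encodes the behaviour as
described in the thread and the proposed "min = max plus a warning" fix.
"""
import re

# Protocol versions in ascending order, using HAProxy's spellings.
VERSIONS = ["SSLv3", "TLSv1.0", "TLSv1.1", "TLSv1.2", "TLSv1.3"]
RANK = {v: i for i, v in enumerate(VERSIONS)}

# Assumed default minimum on bind lines after the change discussed
# (TLSv1.2, up from TLSv1.0 before it). Server lines have no default minimum.
DEFAULT_BIND_MIN = "TLSv1.2"

_MIN_RE = re.compile(r"\bssl-min-ver\s+(\S+)")
_MAX_RE = re.compile(r"\bssl-max-ver\s+(\S+)")


def parse_versions(line):
    """Return (min, max) exactly as written on the line; None where absent."""
    m = _MIN_RE.search(line)
    x = _MAX_RE.search(line)
    return (m.group(1) if m else None, x.group(1) if x else None)


def effective_range(line, fallback_min_to_max=False,
                    default_bind_min=DEFAULT_BIND_MIN):
    """Return (effective_min, effective_max, warning) for a bind/server line.

    fallback_min_to_max=False models the behaviour described in the thread
    (a max below the default min drops the default min). True models the
    proposed fix: min falls back to max and a warning is raised.
    """
    kind = (line.split() or [""])[0]
    if kind not in ("bind", "server"):
        raise ValueError("not a bind or server line: %r" % line)
    vmin, vmax = parse_versions(line)
    for v in (vmin, vmax):
        if v is not None and v not in RANK:
            raise ValueError("unknown TLS version %r" % v)
    warning = None
    if kind == "bind" and vmin is None:
        if vmax is None or RANK[vmax] >= RANK[default_bind_min]:
            vmin = default_bind_min  # the default applies normally
        elif fallback_min_to_max:
            vmin = vmax
            warning = ("ssl-max-ver %s is below the default ssl-min-ver %s; "
                       "using ssl-min-ver %s" % (vmax, default_bind_min, vmax))
        else:
            warning = ("ssl-max-ver %s is below the default ssl-min-ver %s; "
                       "no minimum version is enforced"
                       % (vmax, default_bind_min))
    return vmin, vmax, warning


def config_excludes_sslv3(line, **kw):
    """True when the line's effective minimum rules out SSLv3 by itself."""
    vmin, _, _ = effective_range(line, **kw)
    return vmin is not None and RANK[vmin] > RANK["SSLv3"]


def audit(lines, **kw):
    """Return [(line, warning)] for each bind/server line that draws a warning."""
    findings = []
    for raw in lines:
        line = raw.strip()
        if not line.startswith(("bind ", "server ")):
            continue
        _, _, warning = effective_range(line, **kw)
        if warning:
            findings.append((line, warning))
    return findings


# Constructed sample configuration lines for this example only.
SAMPLE_LINES = [
    "    bind :443 ssl crt /etc/haproxy/site.pem",
    "    bind :8443 ssl crt /etc/haproxy/legacy.pem ssl-max-ver TLSv1.1",
    "    bind :9443 ssl crt /etc/haproxy/legacy.pem"
    " ssl-min-ver TLSv1.1 ssl-max-ver TLSv1.1",
    "    server app1 10.0.0.1:443 ssl verify required"
    " ca-file /etc/ssl/certs/ca.pem ssl-max-ver TLSv1.1",
]

if __name__ == "__main__":
    for line, warning in audit(SAMPLE_LINES):
        print("WARNING: %s\n    %s" % (warning, line))
    for line, warning in audit(SAMPLE_LINES, fallback_min_to_max=True):
        print("WARNING (with fallback): %s\n    %s" % (warning, line))
```

Running the audit over the sample lines flags only the `:8443` bind: with the old default passed as `default_bind_min="TLSv1.0"` its effective range is TLSv1.0 to TLSv1.1, with the new default and no fallback it has a maximum but no minimum at all, and with the fallback it becomes TLSv1.1 to TLSv1.1. The `:9443` bind shows the configuration that avoids the question entirely: state `ssl-min-ver` explicitly whenever `ssl-max-ver` is below the default. Whether SSLv3 can actually be negotiated on a floorless listener also depends on how the OpenSSL in use was built (current builds leave SSLv3 out), but a configuration should not rely on that.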

