On Mon, Sep 09, 2024 at 11:29:09PM +0200, Daniel Gustafsson wrote: > Agreed. OpenSSL 1.1.1 is very different story and I suspect we'll be stuck on > that level for some time, but 1.1.0 is gone from production use.
The cleanup induced by the removal of 1.1.0 is minimal. I'm on board about your argument with SSL_CTX_set_ciphersuites() to drop 1.1.0 and simplify the other feature. I was wondering about HAVE_SSL_CTX_SET_NUM_TICKETS for a few seconds, but morepork that relies on LibreSSL 3.3.2 disagrees with me. -- Michael
signature.asc
Description: PGP signature
