[PROPOSAL] Turn off TLS v1.0 and v1.1 by default for ATS v9.00

2019-06-04 Thread Leif Hedstrom
Hi all, in the spirit of https://tools.ietf.org/html/draft-ietf-tls-oldversions-deprecate-04 I’d like to propose that we change the defaults for our settings, to turn these two protocols off by default: proxy.config.ssl.TLSv1=0 proxy.config.ssl.TLSv1_1=0 proxy

Re: [PROPOSAL] Turn off TLS v1.0 and v1.1 by default for ATS v9.00

2019-06-04 Thread Steven R. Feltner
+1 - These are old protocols that just need to go away. They can always be turned back on by the administrator if there is a need for them in a particular installation. It should be well noted in the CHANGES Log and in the "Upgrading to 9.0" document for the release that this is a change to t

Re: [PROPOSAL] Turn off TLS v1.0 and v1.1 by default for ATS v9.00

2019-06-04 Thread Sudheer Vinukonda
+1 We may need to also review the default settings for {{proxy.config.ssl.server.cipher_suite}} to make sure it's up-to-date and consistent with turning off TLSv1.1 and TLSv1.0? Thanks, Sudheer On Tuesday, June 4, 2019, 3:14:09 PM PDT, Leif Hedstrom wrote: Hi all, in the spirit of

Re: [PROPOSAL] Turn off TLS v1.0 and v1.1 by default for ATS v9.00

2019-06-04 Thread Masaori Koshiba
+1 OpenSSL supports TLSv1.2 from v1.0.1, and our minimum requirement for it is v1.0.2 from v9.0.0. There are no problems. - Masaori On Wed, Jun 5, 2019 at 8:19 AM Patrick O'Brien < patrickobr...@tetrisblocks.net> wrote: > +1 > > > On Tue, Jun 4, 2019 at 4:02 PM Sudheer Vinukonda < > sudheervinuk