Re: OpenSSL disables TLS 1.0 and 1.1

To: debian-devel@lists.debian.org
Subject: Re: OpenSSL disables TLS 1.0 and 1.1
From: Stephan Seitz <stse+debian@fsing.rootsland.net>
Date: Tue, 8 Aug 2017 13:26:52 +0200
Message-id: <[🔎] 20170808T131948.GA.b9b7e.stse@fsing.rootsland.net>
Mail-followup-to: debian-devel@lists.debian.org
In-reply-to: <[🔎] CAL4L7=DkW9SS+TDkvfZZzcEcNR5pX5z5hhRDVA58Gd_GjGz7xw@mail.gmail.com>
References: <20170807014238.mf64rdvgpdkpaiwa@roeckx.be> <[🔎] 8737932yic.fsf@delenn.ganneff.de> <[🔎] CAL4L7=DkW9SS+TDkvfZZzcEcNR5pX5z5hhRDVA58Gd_GjGz7xw@mail.gmail.com>

On Mo, Aug 07, 2017 at 11:18:38 -0500, Michael Lustfield wrote:

Is there an actual need for the removal of TLS v1.{0,1}? Are either
considered broken or unsupported by upstream? If not, I'd be much more


That’s I like to know as well.

Doing a quick check on my appliances I could find the followingTLSv1-only devices:

- some iDRAC (Dell)
- Netapp Filer
- Cisco Web Security Appliances

And what about mail appliances? If they offer only TLSv1 then the Debianmailserver will fallback to unencrypted transfer. I don’t think this isa good idea.


Shade and sweet water!

	Stephan

--
| Public Keys: http://fsing.rootsland.net/~stse/keys.html |

Attachment: smime.p7s
Description: S/MIME cryptographic signature

Reply to:

Follow-Ups:
- Re: OpenSSL disables TLS 1.0 and 1.1
  - From: Attila Szalay <sasa@debian.org>
- Re: OpenSSL disables TLS 1.0 and 1.1
  - From: Vincent Lefevre <vincent@vinc17.net>

References:
- Re: OpenSSL disables TLS 1.0 and 1.1
  - From: Joerg Jaspert <joerg@debian.org>
- Re: OpenSSL disables TLS 1.0 and 1.1
  - From: Michael Lustfield <michael@lustfield.net>

Prev by Date: Bug in https://release.debian.org/transitions/ page?
Next by Date: Re: Bug in https://release.debian.org/transitions/ page?
Previous by thread: Re: OpenSSL disables TLS 1.0 and 1.1
Next by thread: Re: OpenSSL disables TLS 1.0 and 1.1
Index(es):
- Date
- Thread