Re: OpenSSL disables TLS 1.0 and 1.1

To: debian-devel@lists.debian.org
Subject: Re: OpenSSL disables TLS 1.0 and 1.1
From: Sven Hartge <sven@svenhartge.de>
Date: Wed, 9 Aug 2017 20:22:47 +0200
Message-id: <[🔎] 0dni8fh2k7j5v8@mids.svenhartge.de>
References: <20170807014238.mf64rdvgpdkpaiwa@roeckx.be> <[🔎] 8737932yic.fsf@delenn.ganneff.de> <[🔎] 20170807185241.qqamsdbf5pyb3pch@bongo.bofh.it>

Marco d'Itri <md@linux.it> wrote:
> On Aug 07, Joerg Jaspert <joerg@debian.org> wrote:

>> Thats nice for any environment where on can freely define that
>> everything works like this.
>> 
>> Unfortunately real world doesnt work like it.

> Can you describe some examples of what still requires 1.0/1.1 on a
> client or a server?

I just found out that because of that change my older Android 5.1 based
smartphone can no longer connect to my WPA-Enterprise WLAN.

Looking at https://developer.android.com/about/dashboards/index.html
there is still a marketshare of ~25% of smartphones based on Android 5.0
and 5.1 and 16% based on 4.4. So this change would (at the moment) block
~40% of Android smartphones from connecting to any WLAN using PEAP or
TTLS.

And when I look at other wireless-enabled things, the ratio for support
for TLS1.2-only might be even worse and less quick to change.

Grüße,
Sven.

-- 
Sigmentation fault. Core dumped.

Reply to:

Follow-Ups:
- Re: OpenSSL disables TLS 1.0 and 1.1
  - From: md@Linux.IT (Marco d'Itri)

References:
- Re: OpenSSL disables TLS 1.0 and 1.1
  - From: Joerg Jaspert <joerg@debian.org>
- Re: OpenSSL disables TLS 1.0 and 1.1
  - From: md@Linux.IT (Marco d'Itri)

Prev by Date: Bug#871594: ITP: mediawiki-extensions-universallanguageselector -- Tool to select a language and configure for MediaWiki
Next by Date: Processed: Re: Bug#871547: general: Can't change to any other background.
Previous by thread: Re: OpenSSL disables TLS 1.0 and 1.1
Next by thread: Re: OpenSSL disables TLS 1.0 and 1.1
Index(es):
- Date
- Thread