Re: OpenSSL disables TLS 1.0 and 1.1

To: debian-devel@lists.debian.org
Subject: Re: OpenSSL disables TLS 1.0 and 1.1
From: Sven Hartge <sven@svenhartge.de>
Date: Fri, 11 Aug 2017 18:20:22 +0200
Message-id: <[🔎] 6dnnaakrinuv8@mids.svenhartge.de>
References: <20170807014238.mf64rdvgpdkpaiwa@roeckx.be> <[🔎] 8737932yic.fsf@delenn.ganneff.de> <[🔎] 20170807185241.qqamsdbf5pyb3pch@bongo.bofh.it> <[🔎] 0dni8fh2k7j5v8@mids.svenhartge.de> <[🔎] 20170811112052.a4vkn3skwcoif5p7@bongo.bofh.it> <[🔎] 20170811125256.tmi265wt424hb6te@bongo.bofh.it> <[🔎] 3dnmurtrinuv8@mids.svenhartge.de> <[🔎] 18014e75805804f28c0cb902abf6ee62@iwakd.de>

Christian Seiler <christian@iwakd.de> wrote:

> Don't get me wrong: I do believe it's a huge problem that vendors of
> said appliances don't provide updates for these kind of things, and I
> wish that we could indeed drop everything except TLS 1.2, but the real
> world is unfortunately more complicated, and I think Debian would do a
> huge disservice to users if it removed TLS 1.0 and 1.1 from OpenSSL in
> Buster without a well-documented possibility for the admin to reenable
> it.

I'd go one step further and say that Debian would disqualify itself as a
distribution usable for any real world application.

Grüße,
Sven.

-- 
Sigmentation fault. Core dumped.

Reply to:

Follow-Ups:
- Re: OpenSSL disables TLS 1.0 and 1.1
  - From: Marc Haber <mh+debian-devel@zugschlus.de>

References:
- Re: OpenSSL disables TLS 1.0 and 1.1
  - From: Joerg Jaspert <joerg@debian.org>
- Re: OpenSSL disables TLS 1.0 and 1.1
  - From: md@Linux.IT (Marco d'Itri)
- Re: OpenSSL disables TLS 1.0 and 1.1
  - From: Sven Hartge <sven@svenhartge.de>
- Re: OpenSSL disables TLS 1.0 and 1.1
  - From: md@Linux.IT (Marco d'Itri)
- Re: OpenSSL disables TLS 1.0 and 1.1
  - From: Marco d'Itri <md@Linux.IT>
- Re: OpenSSL disables TLS 1.0 and 1.1
  - From: Sven Hartge <sven@svenhartge.de>
- Re: OpenSSL disables TLS 1.0 and 1.1
  - From: Christian Seiler <christian@iwakd.de>

Prev by Date: Re: OpenSSL disables TLS 1.0 and 1.1
Next by Date: Improvement of sensible-utils
Previous by thread: Re: OpenSSL disables TLS 1.0 and 1.1
Next by thread: Re: OpenSSL disables TLS 1.0 and 1.1
Index(es):
- Date
- Thread