Re: OpenSSL disables TLS 1.0 and 1.1

To: debian-devel@lists.debian.org
Subject: Re: OpenSSL disables TLS 1.0 and 1.1
From: Marc Haber <mh+debian-devel@zugschlus.de>
Date: Fri, 11 Aug 2017 21:27:19 +0200
Message-id: <[🔎] E1dgFaZ-0000AF-FI@swivel.zugschlus.de>
In-reply-to: <[🔎] 6dnnaakrinuv8@mids.svenhartge.de>
References: <20170807014238.mf64rdvgpdkpaiwa@roeckx.be> <[🔎] 8737932yic.fsf@delenn.ganneff.de> <[🔎] 20170807185241.qqamsdbf5pyb3pch@bongo.bofh.it> <[🔎] 0dni8fh2k7j5v8@mids.svenhartge.de> <[🔎] 20170811112052.a4vkn3skwcoif5p7@bongo.bofh.it> <[🔎] 20170811125256.tmi265wt424hb6te@bongo.bofh.it> <[🔎] 3dnmurtrinuv8@mids.svenhartge.de> <[🔎] 18014e75805804f28c0cb902abf6ee62@iwakd.de> <[🔎] 6dnnaakrinuv8@mids.svenhartge.de>

On Fri, 11 Aug 2017 18:20:22 +0200, Sven Hartge <sven@svenhartge.de>
wrote:
>Christian Seiler <christian@iwakd.de> wrote:
>> Don't get me wrong: I do believe it's a huge problem that vendors of
>> said appliances don't provide updates for these kind of things, and I
>> wish that we could indeed drop everything except TLS 1.2, but the real
>> world is unfortunately more complicated, and I think Debian would do a
>> huge disservice to users if it removed TLS 1.0 and 1.1 from OpenSSL in
>> Buster without a well-documented possibility for the admin to reenable
>> it.
>
>I'd go one step further and say that Debian would disqualify itself as a
>distribution usable for any real world application.

What Sven says, yes.

Greetings
Marc
-- 
-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber         |   " Questions are the         | Mailadresse im Header
Mannheim, Germany  |     Beginning of Wisdom "     | http://www.zugschlus.de/
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 621 72739834

Reply to:

References:
- Re: OpenSSL disables TLS 1.0 and 1.1
  - From: Joerg Jaspert <joerg@debian.org>
- Re: OpenSSL disables TLS 1.0 and 1.1
  - From: md@Linux.IT (Marco d'Itri)
- Re: OpenSSL disables TLS 1.0 and 1.1
  - From: Sven Hartge <sven@svenhartge.de>
- Re: OpenSSL disables TLS 1.0 and 1.1
  - From: md@Linux.IT (Marco d'Itri)
- Re: OpenSSL disables TLS 1.0 and 1.1
  - From: Marco d'Itri <md@Linux.IT>
- Re: OpenSSL disables TLS 1.0 and 1.1
  - From: Sven Hartge <sven@svenhartge.de>
- Re: OpenSSL disables TLS 1.0 and 1.1
  - From: Christian Seiler <christian@iwakd.de>
- Re: OpenSSL disables TLS 1.0 and 1.1
  - From: Sven Hartge <sven@svenhartge.de>

Prev by Date: Re: Bug#798476: Returning to the requirement that Uploaders: contain humans
Next by Date: Bug#871812: ITP: gajim-rostertweaks -- allows user to tweak Gajim roster window appearance
Previous by thread: Re: OpenSSL disables TLS 1.0 and 1.1
Next by thread: Re: OpenSSL disables TLS 1.0 and 1.1
Index(es):
- Date
- Thread