No, the point is the claim that Debain 6 LTS has 5 year support until mid. 2016. And as a user I expect Debian 6 LTS is up-to-date (from security point of view) until mid. 2016. But with missing TLSv1.2 it is NOT. Nevertheless when the code freeze was.Debian Squeeze was feature-frozen in August 2010, one and a half year before Ubuntu 12.04 LTS. That is, it was feature-frozen while Ubuntu 10.04 was the current Ubuntu version.But Ubuntu 12 LTS has OpenSSL which supports TLSv1.2 and PFS.
If you want to compare Ubuntu 12 LTS with a Debian release, the closest we've got is Wheezy.
I agree that it would be nice, but the writing has been on the wall regarding which Debian release you should look to for TLS and PFS support since Wheezy was frozen in 2012.Furthermore I discovered mail services of my clients that only support TLSv1.2 - and because of this, encrypted e-mail communication fails. And, from IT security point of view, I can only recommend a service or a software to my clients that obeys the protective legal requirements. Additionally I think that the supported encryption protocol is a security issue!
To sum this up: we need Debian 6 LTS with TLSv1.2 (i.e. with a recent OpenSSL implemenation).
I think you'd be better served by migrating to Wheezy or Jessie.Really? With the customer projects there is no budget for migration to a new release. The migration is planned in early summer 2016. And the migration would not be straight-forward, because Linux Virtual Server support was dropped with Debian 7 and some important concepts have changed in Linux Containers.
Condolence
--
Cheers,
Jan
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature