Bug#903747: marked as done (tracker.debian.org: tighten TLS settings)

To: Raphael Hertzog <hertzog@debian.org>
Subject: Bug#903747: marked as done (tracker.debian.org: tighten TLS settings)
From: "Debian Bug Tracking System" <owner@bugs.debian.org>
Date: Sun, 15 Jul 2018 13:54:03 +0000
Message-id: <[🔎] handler.903747.D903747.15316627097330.ackdone@bugs.debian.org>
Reply-to: 903747@bugs.debian.org
References: <20180715135146.GC28449@home.ouaza.com> <[🔎] 4758099.r0mQh2fvqG@deblab>

Your message dated Sun, 15 Jul 2018 15:51:46 +0200
with message-id <20180715135146.GC28449@home.ouaza.com>
and subject line Re: Bug#903747: tracker.debian.org: tighten TLS settings
has caused the Debian Bug report #903747,
regarding tracker.debian.org: tighten TLS settings
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
903747: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903747
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: submit@bugs.debian.org

Subject: tracker.debian.org: tighten TLS settings

From: Dmitry Smirnov <onlyjob@debian.org>

Date: Sat, 14 Jul 2018 13:32:01 +1000

Message-id: <[🔎] 4758099.r0mQh2fvqG@deblab>
Package: tracker.debian.org
Severity: wishlist

According to ssllabs [1], tracker.debian.org still uses
TLS-1.0 and some weak ciphers.

It would be nice to tighten TLS settings using Mozilla SSL config
generator [2].

Thanks.

[1]: https://www.ssllabs.com/ssltest/analyze.html?d=tracker.debian.org&s=5.153.231.23&latest
[2]: https://mozilla.github.io/server-side-tls/ssl-config-generator/

-- 
Best wishes,
 Dmitry Smirnov.

---

Truth — Something somehow discreditable to someone.
        -- H. L. Mencken, 1949
Attachment: signature.asc
Description: This is a digitally signed message part.

--- End Message ---

--- Begin Message ---

To: Dmitry Smirnov <onlyjob@debian.org>, 903747-done@bugs.debian.org

Subject: Re: Bug#903747: tracker.debian.org: tighten TLS settings

From: Raphael Hertzog <hertzog@debian.org>

Date: Sun, 15 Jul 2018 15:51:46 +0200

Message-id: <20180715135146.GC28449@home.ouaza.com>

In-reply-to: <[🔎] 4758099.r0mQh2fvqG@deblab>

References: <[🔎] 4758099.r0mQh2fvqG@deblab>
Hi,

On Sat, 14 Jul 2018, Dmitry Smirnov wrote:
> According to ssllabs [1], tracker.debian.org still uses
> TLS-1.0 and some weak ciphers.
> 
> It would be nice to tighten TLS settings using Mozilla SSL config
> generator [2].

The TLS settings are controlled by the Debian System Administrators in a
coherent way for all the .debian.org hosts. I don't have have control over
them.

They review the TLS settings regularly and they have opted for a
compromise that they are happy with. If you have specific issues
and are willing to discuss those, please get in touch with them directly.

https://dsa.debian.org/

But for now they consider that keeping TLS 1.0 is still useful.

Cheers,
-- 
Raphaël Hertzog ◈ Debian Developer

Support Debian LTS: https://www.freexian.com/services/debian-lts.html
Learn to master Debian: https://debian-handbook.info/get/
--- End Message ---

Reply to:

References:
- Bug#903747: tracker.debian.org: tighten TLS settings
  - From: Dmitry Smirnov <onlyjob@debian.org>

Prev by Date: Bug#903749: marked as done (tracker.debian.org: Random packages are added to a team)
Next by Date: debci configuration is inconsistent, disrupts package migration
Previous by thread: Bug#903747: tracker.debian.org: tighten TLS settings
Next by thread: Bug#903749: tracker.debian.org: Random packages are added to a team
Index(es):
- Date
- Thread