Bug#769279: Bug#769046: inn2: Allow for better TLS configurability
On Wed, November 12, 2014 12:55, Marco d'Itri wrote:
> Can I merge this for jessie?
I'd strongly prefer if we could indeed merge this for jessie.
>> INN, at the moment, supports TLS connections to nnrpd, but does not
>> allow any configuration besides the certificate and key.
>> +=item I<tlsprotocols>
>> +
>> +The list of TLS protocol versions to support. Valid protocols are
>> +B<SSLv2>, B<SSLv3>, B<TLSv1>, B<TLSv1.1> and B<TLSv1.2>. The default
>> +value is B<[ SSLv3 TLSv1 TLSv1.1 TLSv1.2 ]>.
Can you remove SSLv3 from the default list?
You could consider to leave out SSLv2 from the possibilities.
>> +=item I<tlscompression>
>> +
>> +Whether to enable or disable TLS compression support (boolean). The
>> +default is true.
Can we default this to false?
Cheers,
Thijs
Reply to: