[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#769279: Bug#769046: inn2: Allow for better TLS configurability

On Wed, November 12, 2014 12:55, Marco d'Itri wrote:
> Can I merge this for jessie?

I'd strongly prefer if we could indeed merge this for jessie.

>> INN, at the moment, supports TLS connections to nnrpd, but does not
>> allow any configuration besides the certificate and key.

>> +=item I<tlsprotocols>
>> +
>> +The list of TLS protocol versions to support. Valid protocols are
>> +B<SSLv2>, B<SSLv3>, B<TLSv1>, B<TLSv1.1> and B<TLSv1.2>. The default
>> +value is B<[ SSLv3 TLSv1 TLSv1.1 TLSv1.2 ]>.

Can you remove SSLv3 from the default list?

You could consider to leave out SSLv2 from the possibilities.

>> +=item I<tlscompression>
>> +
>> +Whether to enable or disable TLS compression support (boolean). The
>> +default is true.

Can we default this to false?


Cheers,
Thijs
Reply to: