Bug#769279: Bug#769046: inn2: Allow for better TLS configurability

To: Thijs Kinkhorst <thijs@debian.org>, 769046@bugs.debian.org
Cc: 769279@bugs.debian.org, christian mock <cm@tahina.priv.at>
Subject: Bug#769279: Bug#769046: inn2: Allow for better TLS configurability
From: md@Linux.IT (Marco d'Itri)
Date: Wed, 12 Nov 2014 14:29:07 +0100
Message-id: <[🔎] 20141112132907.GA11034@bongo.bofh.it>
Reply-to: md@Linux.IT (Marco d'Itri), 769279@bugs.debian.org
In-reply-to: <[🔎] e5c25d376e8b320619f815bcb934f4fe.squirrel@aphrodite.kinkhorst.nl>
References: <20141110233117.18170.42905.reportbug@erl.tahina.priv.at> <[🔎] 20141112115559.GA8544@bongo.bofh.it> <[🔎] e5c25d376e8b320619f815bcb934f4fe.squirrel@aphrodite.kinkhorst.nl>

On Nov 12, Thijs Kinkhorst <thijs@debian.org> wrote:

> Can you remove SSLv3 from the default list?
I do not know the implications wrt clients support.
Christian, did you do any tests?

> >> +=item I<tlscompression>
> >> +Whether to enable or disable TLS compression support (boolean). The
> >> +default is true.
> Can we default this to false?
This is not really useful because CRIME cannot be exploited over NNTP.

-- 
ciao,
Marco

Attachment: pgp6_z9WbOVRt.pgp
Description: PGP signature

Reply to:

Follow-Ups:
- Bug#769279: Bug#769046: inn2: Allow for better TLS configurability
  - From: "Thijs Kinkhorst" <thijs@debian.org>
- Bug#769279: Bug#769046: inn2: Allow for better TLS configurability
  - From: christian mock <cm@tahina.priv.at>

References:
- Re: Bug#769046: inn2: Allow for better TLS configurability
  - From: md@Linux.IT (Marco d'Itri)
- Bug#769279: Bug#769046: inn2: Allow for better TLS configurability
  - From: "Thijs Kinkhorst" <thijs@debian.org>

Prev by Date: Bug#769170: unblock: cinder/2014.1.3-6
Next by Date: Bug#769285: unblock aircrack-ng/1:1.2-0~beta3-2
Previous by thread: Bug#769279: Bug#769046: inn2: Allow for better TLS configurability
Next by thread: Bug#769279: Bug#769046: inn2: Allow for better TLS configurability
Index(es):
- Date
- Thread