Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <1dfc8a2f-cc26-4e05-b41d-0398c925226d@gmail.com>
Date: Tue, 6 Aug 2024 17:23:24 -0500
From: Bob Friesenhahn <bobjfriesenhahn@...il.com>
To: oss-security@...ts.openwall.com
Subject: Re: feedback requested regarding deprecation of TLS
 1.0/1.1

On 8/6/24 11:34, Stuart Henderson wrote:

> On 2024/08/06 17:12, Marco Moock wrote:
>> As a user, this is acceptable for me, but I know there are still
>> machines outside that only offer such old versions.
>> Some of them can't be upgraded easily because the vendor doesn't
>> provide any new versions.
> BTW, mainstream web browsers disabled pre-1.2 TLS by default around 2020.
FYI, I have old networking equipment for which there is no way to update 
the firmware, but the hardware is still in use.  I find it necessary to 
enable pre-1.2 TLS support in the browser in order to administer the 
equipment.

It seems important to consider the use cases before disabling old protocols.

Bob

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.