Re: OpenSSL disables TLS 1.0 and 1.1
- Date: Wed, 9 Aug 2017 20:22:47 +0200
- From: Sven Hartge <sven@xxxxxxxxxxxxx>
- Subject: Re: OpenSSL disables TLS 1.0 and 1.1
Marco d'Itri <md@xxxxxxxx> wrote:
> On Aug 07, Joerg Jaspert <joerg@xxxxxxxxxx> wrote:
>> Thats nice for any environment where on can freely define that
>> everything works like this.
>> Unfortunately real world doesnt work like it.
> Can you describe some examples of what still requires 1.0/1.1 on a
> client or a server?
I just found out that because of that change my older Android 5.1 based
smartphone can no longer connect to my WPA-Enterprise WLAN.
Looking at https://developer.android.com/about/dashboards/index.html
there is still a marketshare of ~25% of smartphones based on Android 5.0
and 5.1 and 16% based on 4.4. So this change would (at the moment) block
~40% of Android smartphones from connecting to any WLAN using PEAP or
And when I look at other wireless-enabled things, the ratio for support
for TLS1.2-only might be even worse and less quick to change.
Sigmentation fault. Core dumped.