Web lists-archives.com

Re: OpenSSL disables TLS 1.0 and 1.1




Marco d'Itri <md@xxxxxxxx> wrote:
> On Aug 07, Joerg Jaspert <joerg@xxxxxxxxxx> wrote:

>> Thats nice for any environment where on can freely define that
>> everything works like this.
>> 
>> Unfortunately real world doesnt work like it.

> Can you describe some examples of what still requires 1.0/1.1 on a
> client or a server?

I just found out that because of that change my older Android 5.1 based
smartphone can no longer connect to my WPA-Enterprise WLAN.

Looking at https://developer.android.com/about/dashboards/index.html
there is still a marketshare of ~25% of smartphones based on Android 5.0
and 5.1 and 16% based on 4.4. So this change would (at the moment) block
~40% of Android smartphones from connecting to any WLAN using PEAP or
TTLS.

And when I look at other wireless-enabled things, the ratio for support
for TLS1.2-only might be even worse and less quick to change.

Grüße,
Sven.

-- 
Sigmentation fault. Core dumped.