Web lists-archives.com

Re: openssl/libssl1 in Debian now blocks offlineimap?




On Sun, Aug 20, 2017 at 01:51:16PM +0200, Tollef Fog Heen wrote:
> Arguing for keeping TLS 1.0 support means you're arguing for providing
> users with a default-insecure setup.

No.

Arguing for keeping TLS1.0 *enabled by default* does. But arguing for
*allowing* it to be re-enabled (without requiring a recompile of
OpenSSL), as opposed to the "it's not even compiled in" stuff that we're
getting now, does not.

-- 
Could you people please use IRC like normal people?!?

  -- Amaya Rodrigo Sastre, trying to quiet down the buzz in the DebConf 2008
     Hacklab