Web lists-archives.com

Re: openssl/libssl1 in Debian now blocks offlineimap?




On Sun, Aug 20, 2017 at 11:03:33PM +0200, Hanno Rince' Wagner wrote:
> Hi Jonas!
> > Question is if Debian _force_ only TLS 1.2 so that no services _can_ use 
> > anything else.
> 
> IMHO we should have the default at TLS 1.2, but be able to configure
> 1.0. But this has to be an opt-in value, not an opt-out.

Yes, exactly, that's what Jonas was arguing too. The problem is,
however, that this is not what we're currently getting.

-- 
Could you people please use IRC like normal people?!?

  -- Amaya Rodrigo Sastre, trying to quiet down the buzz in the DebConf 2008
     Hacklab