Hi, My concern is less about https (hello iloms), but other kind of protocols. Ssl vpn, rdp servers, voip, etc. And embedded devices implements this protocols.
On Aug 8, 2017 7:35 AM, "Stephan Seitz" <stse+deb...@fsing.rootsland.net> wrote: > On Mo, Aug 07, 2017 at 11:18:38 -0500, Michael Lustfield wrote: > >> Is there an actual need for the removal of TLS v1.{0,1}? Are either >> considered broken or unsupported by upstream? If not, I'd be much more >> > > That’s I like to know as well. > > Doing a quick check on my appliances I could find the following TLSv1-only > devices: > - some iDRAC (Dell) > - Netapp Filer > - Cisco Web Security Appliances > > And what about mail appliances? If they offer only TLSv1 then the Debian > mailserver will fallback to unencrypted transfer. I don’t think this is a > good idea. > > Shade and sweet water! > > Stephan > > -- > | Public Keys: http://fsing.rootsland.net/~stse/keys.html | >