On Sun, Aug 20, 2017 at 01:51:16PM +0200, Tollef Fog Heen wrote: > Arguing for keeping TLS 1.0 support means you're arguing for providing > users with a default-insecure setup.
No. Arguing for keeping TLS1.0 *enabled by default* does. But arguing for *allowing* it to be re-enabled (without requiring a recompile of OpenSSL), as opposed to the "it's not even compiled in" stuff that we're getting now, does not. -- Could you people please use IRC like normal people?!? -- Amaya Rodrigo Sastre, trying to quiet down the buzz in the DebConf 2008 Hacklab