On 07/05/2015 12:17, William A Rowe Jr wrote:
> On May 6, 2015 9:09 PM, "William A Rowe Jr" <wr...@rowe-clan.net> wrote: >> >> >> On May 6, 2015 8:12 PM, "Noel Butler" <noel.but...@ausics.net> wrote: >> > >> > On 07/05/2015 09:22, William A Rowe Jr wrote: >> >> >> >> >> >> For trunk, I propose we drop TLSv1 and TLSv1.1 protocols and simply adopt >> >> the recommended cipher list illustrated below (!SSLv3) in the default >> >> extra/httpd-ssl.conf source, following the SHOULD recommendations. >> > >> > unless trunk is for the 2.6 release -1 >> >> Noel, that is precisely the purpose of trunk, always. The 'next' release. >> Might be 2.6, might be called 3.0. > > And if you pay particularly close attention, you'll note that trunk already > presents itself as 2.5.0-dev, its version number when we first attempt an > alpha toward 2.6 or 3.0, sometime is the future. yes, I had a bad (few) day then - flu Either way, using slackware on all my servers its trivial since the distro keeps pretty much up to date by design - unlike RH/debian and their kiddy versions who bring out new releases with 2+yo libs and other goodies, I'd just hesitate to drop them, wait and see whats capable in their current enterprise releases when the time comes to make that decision, since RH is most used enterprise release, I'm going to contradict myself here - since it's always been my belief that upstreams should never base their decisions on downstreams (like ASF does WRT deprecating 2.2) but if RH for example's new release at the time doesn't support 1.2, its pointless dropping 1.0/1.1 Dont get me wrong, I think RH, debian, and to a point even SUSE, are the ones who need to pull their finger out and modernise (been 10 years since I touched/looked at a BSD box so wont comment on the state of them) But... maybe... you are right... making the statement now that come 2.6 (I'd rather see it in a new major - like 3.x) that if those guys cant get their act together by then, they got nobody to blame but themselves.
