Re: [fossil-dev] Fossil-scm.org SSL login mismatch

Jungle Boogie Fri, 05 Dec 2014 12:22:34 -0800

Dear Scott,
--------------------------------------------
From: Scott Robison <[email protected]>
Sent:  Fri, 5 Dec 2014 13:03:51 -0700
To: [email protected]
Subject: Re: [fossil-dev] Fossil-scm.org SSL login mismatch
>

On Fri, Dec 5, 2014 at 12:42 PM, Jungle Boogie <[email protected]>

>>

Can I make it a feature request to disable SSL v1-3?



I believe you can disable this in OpenSSL at configure / build time.
no-ssl2 & no-ssl3 are both options. If the library used doesn't support
SSLvX then the application using it can't support it either.


That's a very valid point!
http://wiki.openssl.org/index.php/Compilation_and_Installation

Config flag is: no-ssl3

How do you suppose HSTS and forward secrecy be enabled?

https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security
https://en.wikipedia.org/wiki/Forward_secrecy

--
inum: 883510009027723
sip: [email protected]
xmpp: [email protected]
_______________________________________________
fossil-dev mailing list
[email protected]
http://sqlite.org:8080/cgi-bin/mailman/listinfo/fossil-dev

Re: [fossil-dev] Fossil-scm.org SSL login mismatch

Reply via email to