> On May 28, 2018, at 5:27 PM, Michal Trojnara
> wrote:
>
> - The default cipher list was updated to a safer value:
>"HIGH:!aNULL:!SSLv2:!DH:!kDHEPSK".
I am rather puzzled as to why you chose to eliminate
not just fixed DH, but also the ephemeral finite-field
DH key exchange. What's wr
Dear Users,
I have released version 5.46 of stunnel.
Version 5.46, 2018.05.28, urgency: MEDIUM
* New features
- The default cipher list was updated to a safer value:
"HIGH:!aNULL:!SSLv2:!DH:!kDHEPSK".
* Bugfixes
- Default accept address restored to INADDR_ANY.
Home page: https://www.stun
On Sun, Apr 29, 2018 at 12:43:26PM +0200, Kurt Roeckx wrote:
> We are considering if we should enable TLS 1.3 by default or not,
> or when it should be enabled. For that, we would like to know how
> applications behave with the latest beta release.
It looks like couple of TLS 1.3 changes result in