[Yahoo-eng-team] [Bug 1771773] Re: Ssl2/3 should not be used for secure VNC access

2018-08-10 Thread Daniel Berrange
Sorry, I didn't mean to suggest we should abandon the change/bug, as not all distros have crypto policy support systemwide. Rather, that we should: 1. make sure the out-of-the-box behaviour is to honour openssl defaults; 2. provide a nova.conf setting for the protocol version, which allows an

[Yahoo-eng-team] [Bug 1771773] Re: Ssl2/3 should not be used for secure VNC access

2018-08-09 Thread melanie witt
I'm going to close out this bug based on input from Daniel Berrange from the patch review: "IMHO hardcoding a specific TLS version is pretty undesirable. There is active work to enable TLS 1.3 in all crypto libraries in the very near future, so we really want choice of version to be configurable,