relayd(8) and httpd(8) TLS settings update.
(undeadly.org)
from cm0002@infosec.pub to openbsd@lemmy.sdf.org on 29 Jun 19:15
https://infosec.pub/post/48741686
from cm0002@infosec.pub to openbsd@lemmy.sdf.org on 29 Jun 19:15
https://infosec.pub/post/48741686
Both relayd(8) and httpd(8) now have the “secure” list of allowed crypto methods for HTTPS, which include TLSv1.3 and the TLSv1.2 AEAD cipher suites. The previous list was “HIGH:!aNULL” which contain non-perfect-forward-security methods and this change may cause old clients to not be able to connect.
threaded - newest