Restrict connections to TLS 1.3 or higher #1

New issue

Open

opened 2019-07-27 08:38:36 -04:00 by jmcbray · 3 comments

jmcbray commented

2019-07-27 08:38:36 -04:00

Owner

There is a proposal to restrict the Gemini protocol to use only TLS 1.3 or higher, which makes sense, because a new protocol doesn't need older TLS versions for backward compatibility.

Set connection flags with CL+SSL:MAKE-CONTEXT to not support SSL or older TLS protocols.

There is a proposal to restrict the Gemini protocol to use only TLS 1.3 or higher, which makes sense, because a new protocol doesn't need older TLS versions for backward compatibility. Set connection flags with CL+SSL:MAKE-CONTEXT to not support SSL or older TLS protocols.

jmcbray commented

2019-07-27 13:08:13 -04:00

Author

Owner

cbe7b96b39 is supposed to fix this, but doesn't. I had trouble using CL+SSL:WITH-GLOBAL-CONTEXT, but it looks like I have to get it working.

cbe7b96b39 is supposed to fix this, but doesn't. I had trouble using CL+SSL:WITH-GLOBAL-CONTEXT, but it looks like I have to get it working.

jmcbray commented

2020-06-18 15:51:23 -04:00

Author

Owner

I suspect this is a cl+ssl bug. Waiting to hear back from cl+ssl devs.

https://github.com/cl-plus-ssl/cl-plus-ssl/issues/107

I suspect this is a cl+ssl bug. Waiting to hear back from cl+ssl devs. https://github.com/cl-plus-ssl/cl-plus-ssl/issues/107

jmcbray commented

2020-06-19 16:41:02 -04:00

Author

Owner

This is fixed in a branch, but it requires changes in cl-plus-ssl.

No labels

No milestone

No project

No assignees

1 participant

Notifications

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

jmcbray/germinal#1

No description provided.

Rows
Columns