From: kemal <kemalinanc8@gmail.com>
To: 9front@9front.org
Subject: Re: [9front] [PATCH] libsec: add minimal support for the tls renegotiation extension
Date: Wed, 25 Jan 2023 16:19:59 +0000 [thread overview]
Message-ID: <CABO6sheBh-oj_Y25s4sE1QfjzOAQBC2aF0tRg3cik2kArJsGMQ@mail.gmail.com> (raw)
In-Reply-To: <CAFSF3XO2W4skzFJUsY2AikX-6R1=1rdH+cHsy_TFVT4_jrQsTQ@mail.gmail.com>
2023-01-23 13:16 GMT, hiro <23hiro@gmail.com>:
> did you try explaining this to "The OpenSSL developers" ?
>
> also, is there no way in openssl to turn off this behavior?
>
> it seems like an industry-wide sabotage effort.
i'd like to add to the discussion that i encountered with this
problem months ago, but with a custom firefox config:
https://github.com/arkenfox/user.js/blob/master/user.js#L423
i solved this "problem" by just disabling that setting, but it's
confusing that openssl adopted this practice too. i don't get
the point.
2023-01-24 0:16 GMT, hiro <23hiro@gmail.com>:
> also, maybe it's enough if we stop supporting tls1.2 ?
> maybe tls1.1 and tls1.3 can be setup in a safe enough way already?
that's a terrible idea, there are lots of clients that still don't have
tls 1.3, and tls 1.2 introduces tons of features that makes it more
secure than 1.1/1.0
plus someone would have to implement 1.3 :)
next prev parent reply other threads:[~2023-01-25 16:22 UTC|newest]
Thread overview: 35+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-11-10 2:24 Anthony Martin
2023-01-18 15:07 ` [9front] " Anthony Martin
2023-01-19 4:30 ` [9front] " ori
2023-01-19 4:48 ` ori
2022-11-10 2:24 ` Anthony Martin
2023-01-28 21:20 ` ori
2023-01-28 21:59 ` cinap_lenrek
2023-01-19 9:50 ` Anthony Martin
2023-01-20 12:12 ` hiro
2023-01-20 21:05 ` Anthony Martin
2023-01-20 22:33 ` hiro
2023-01-21 3:48 ` Anthony Martin
2023-01-21 12:54 ` hiro
2023-01-21 17:29 ` Steve Simon
2023-01-22 16:00 ` hiro
2023-01-22 7:55 ` Anthony Martin
2023-01-22 16:10 ` hiro
2023-01-23 11:18 ` Anthony Martin
2023-01-23 13:16 ` hiro
2023-01-23 14:24 ` Ori Bernstein
2023-01-23 14:29 ` Ori Bernstein
2023-01-24 0:14 ` hiro
2023-01-24 0:16 ` hiro
2023-01-25 16:19 ` kemal [this message]
2023-01-25 16:39 ` hiro
2023-01-25 17:07 ` kemal
2023-01-25 17:18 ` hiro
2023-01-25 17:30 ` kemal
2023-01-25 17:36 ` kemal
2023-01-26 20:54 ` hiro
2023-01-26 21:52 ` Frank D. Engel, Jr.
2023-01-27 6:11 ` kemal
2023-01-27 10:55 ` hiro
2023-01-27 17:38 ` kemal
2023-01-23 16:23 ` hiro
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CABO6sheBh-oj_Y25s4sE1QfjzOAQBC2aF0tRg3cik2kArJsGMQ@mail.gmail.com \
--to=kemalinanc8@gmail.com \
--cc=9front@9front.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).