Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 14 May 2015 13:31:41 +0200
From:      Dan Lukes <dan@obluda.cz>
To:        Liste FreeBSD-security <freebsd-security@freebsd.org>
Subject:   Re: Forums.FreeBSD.org - SSL Issue?
Message-ID:  <5554879D.7060601@obluda.cz>
In-Reply-To: <F2460C80-969A-46DF-A44F-6C3D381ABDC3@patpro.net>
References:  <CACRVPYOALi-V8D34zeJTYdSwHshYrqtttqVV3=aP8Yb6ZAxfyg@mail.gmail.com> <2857899F-802E-4086-AD41-DD76FACD44FB@modirum.com> <05636D22-BBC3-4A15-AC44-0F39FB265CDF@patpro.net> <20150514193706.V69409@sola.nimnet.asn.au> <F2460C80-969A-46DF-A44F-6C3D381ABDC3@patpro.net>

next in thread | previous in thread | raw e-mail | index | archive | help
Patrick Proniewski wrote:
>> "Data Transfer Interrupted
>> The connection to forums.freebsd.org has terminated unexpectedly. Some 
>> data may have been transferred."
> 
> looks like your browser/OS does not support TLS 1.2.

I'm confused by FreeBSD policy, a lot.

Base OpenSSL in still supported releases is too old version and doesn't
support TLS 1.2 as well.

Either TLS 1.0 is so insecure and should not be used, or is secure
enough for FreeBSD.

In the first case the base OpenSSL should be updated to something more
recent (so dangerous TLS 1.0 only should be considered security issue).

In the second case I see no reason to disable TLS 1.0 on
https://forums.freebsd.org - regardless the Qualsys rating.

I don't care which solution will be selected.

Just my $0.02

Dan




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5554879D.7060601>