On 2020-04-30 13:55, Chad Hoolie wrote:
> Any idea about relayd though? I don't see any mentioning of 1.3 in man relayd.conf:
I'm not a dev but tls1.3 dropped RSA and I think requires ecdsa key support that
relayd currently lacks.
Although httpd was originally based on relayd. I assume the code is different
here because of relayds more complex tls interception and acceleration abilities.
Pound and nginx may be alternatives, but they likely won't protect the key so
well, if an exploit is found.
No comments:
Post a Comment