Sunday, May 03, 2020

Re: How to enable TLS 1.3?

‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Thursday, 30 April 2020 at 16:38, Kevin Chadwick <m8il1ists@gmail.com> wrote:

> On 2020-04-30 13:55, Chad Hoolie wrote:
>
> > Any idea about relayd though? I don't see any mention of 1.3 in man relayd.conf:
>
> I'm not a dev but tls1.3 dropped RSA and I think requires ecdsa key support that
> relayd currently lacks.
>
> Although httpd was originally based on relayd, I assume the code is different
> here because of relayd's more complex tls interception and acceleration abilities.
>
> Pound and nginx may be alternatives, but they likely won't protect the key so
> well, if an exploit is found.


Hello,

Is there any chance we can have TLS 1.3 support in relayd in the upcoming 6.7 release?

There seems to be clear indication that Google and other search engines do favor TLS 1.3 sites over 1.2: The Era of TLS 1.3: Measuring Deployment and Use with Active and Passive Methods: https://arxiv.org/pdf/1907.12762.pdf

--Cheers, Chad
