Page MenuHomeFreeBSD

Remove support for SSLv3 from fetch(3)
ClosedPublic

Authored by jkim on May 21 2020, 9:44 PM.
Tags
None
Referenced Files
Unknown Object (File)
Mon, Oct 6, 11:32 PM
Unknown Object (File)
Thu, Oct 2, 2:17 AM
Unknown Object (File)
Wed, Oct 1, 5:51 PM
Unknown Object (File)
Tue, Sep 30, 7:49 PM
Unknown Object (File)
Tue, Sep 30, 5:18 AM
Unknown Object (File)
Fri, Sep 19, 3:41 AM
Unknown Object (File)
Sep 12 2025, 4:05 PM
Unknown Object (File)
Aug 31 2025, 8:04 AM
Subscribers

Details

Summary

We want to disable SSLv3 support from FreeBSD 13. Please see D24945.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

jkim requested review of this revision.May 21 2020, 9:44 PM
cem added a subscriber: cem.

Maybe TLS 1.0/1.1 should switch to being opt-in, like SSL2/3 before? Not a requirement for this change.

This revision is now accepted and ready to land.May 21 2020, 9:48 PM
bjk added a subscriber: bjk.

I agree with Conrad (but it should be a separate review); TLS 1.0 and 1.1's days are numbered, and I should really get around to progressing https://tools.ietf.org/html/draft-ietf-tls-oldversions-deprecate-06

This revision was automatically updated to reflect the committed changes.