Page MenuHomeFreeBSD

Remove support for SSLv3 from fetch(3)
ClosedPublic

Authored by jkim on May 21 2020, 9:44 PM.

Details

Summary

We want to disable SSLv3 support from FreeBSD 13. Please see D24945.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Automatic diff as part of commit; lint not applicable.
Unit
Automatic diff as part of commit; unit tests not applicable.

Event Timeline

jkim requested review of this revision.May 21 2020, 9:44 PM
cem added a subscriber: cem.

Maybe TLS 1.0/1.1 should switch to being opt-in, like SSL2/3 before? Not a requirement for this change.

This revision is now accepted and ready to land.May 21 2020, 9:48 PM
bjk added a subscriber: bjk.

I agree with Conrad (but it should be a separate review); TLS 1.0 and 1.1's days are numbered, and I should really get around to progressing https://tools.ietf.org/html/draft-ietf-tls-oldversions-deprecate-06

This revision was automatically updated to reflect the committed changes.