On Thu, Jul 17, 2025 at 01:23:30AM +0200, Vincent Lefevre wrote: > Control: found -1 2.4.63-1 > Control: found -1 2.4.64-1 > Control: tags -1 security > > On 2023-11-15 13:32:32 +0100, David Prévot wrote: > > Le Thu, Oct 24, 2019 at 05:50:50PM +0200, Kurt Roeckx a écrit : > > > I was expecting TLS 1.0 and 1.1 to be disabled > > > > Same here. Four years later, RFC 8996 (Deprecating TLS 1.0 and TLS 1.1) > > has been published and most clients have been updated, so could we > > please review the default SSLProtocol before Trixie gets released? > > I'm also wondering why they are still enabled by default...
Do you still see it enabled? As far as I know, OpenSSL now not only requires you to enable the protocol, but also lower the security level to 0 to be able to do TLs 1.0 and 1.1. Kurt
