Am 02.02.2015 um 17:12 schrieb Jan Ingvoldstad: >> But Ubuntu 12 LTS has OpenSSL which supports TLSv1.2 and PFS. > Debian Squeeze was feature-frozen in August 2010, one and a half year > before Ubuntu 12.04 LTS. That is, it was feature-frozen while Ubuntu > 10.04 was the current Ubuntu version. > > If you want to compare Ubuntu 12 LTS with a Debian release, the > closest we've got is Wheezy. > >> Furthermore I discovered mail services of my clients that only >> support TLSv1.2 - and because of this, encrypted e-mail communication >> fails. And, from IT security point of view, I can only recommend a >> service or a software to my clients that obeys the protective legal >> requirements. Additionally I think that the supported encryption >> protocol is a security issue! >> >> To sum this up: we need Debian 6 LTS with TLSv1.2 (i.e. with a recent >> OpenSSL implemenation). > I agree that it would be nice, but the writing has been on the wall > regarding which Debian release you should look to for TLS and PFS > support since Wheezy was frozen in 2012. > No, the point is the claim that Debain 6 LTS has 5 year support until mid. 2016. And as a user I expect Debian 6 LTS is up-to-date (from security point of view) until mid. 2016. But with missing TLSv1.2 it is NOT. Nevertheless when the code freeze was. > I think you'd be better served by migrating to Wheezy or Jessie. Really? With the customer projects there is no budget for migration to a new release. The migration is planned in early summer 2016. And the migration would not be straight-forward, because Linux Virtual Server support was dropped with Debian 7 and some important concepts have changed in Linux Containers. > > -- > Cheers, > > Jan Condolence
Uwe
smime.p7s
Description: S/MIME Cryptographic Signature
