Thus said Ken Hornstein on Wed, 31 May 2017 10:19:37 -0400: > I am kind of torn about this. The stuff I have been seeing is that > most everybody should be moving to TLS 1.1 or greater, and I thought > all of the servers out there had supported this a long time ago. What > do others think?
Is it possible for the client (nmh) to control which ciphers it will negotiate with the server? I think it makes sense to leave TLS 1.0 in there as long as the client has control over which ciphers it uses. Are there no decent ciphers in TLS 1.0? nmh could default to a sensible list of them and exclude TLS 1.0 if it thinks that is useful but then make it possible for the user to tailor the list to suit their needs. Thanks, Andy -- TAI64 timestamp: 40000000592ed728 _______________________________________________ Nmh-workers mailing list [email protected] https://lists.nongnu.org/mailman/listinfo/nmh-workers
