Re: OpenSSL and Heimdal

2012-05-03 Thread Matt Dawson
On Thursday 03 May 2012 00:27:51 Gary Palmer wrote: Their website is out of date. As its primary public-facing information portal, I'm tempted to say that's an important priority to get right. Yes, volunteer project, etc, but the BSD way of doing things is to choose the tool for the job.

Re: OpenSSL and Heimdal

2012-05-03 Thread Mark Felder
On Wed, 02 May 2012 17:45:27 -0500, Matt Dawson m...@chronos.org.uk wrote: IE might be the only client with support for those protocols right now but somebody has to lead the way on the server side or you end up with a mutual apathy loop (AKA positive can't be arsed feedback loop).

Re: OpenSSL and Heimdal

2012-05-03 Thread Robert Simmons
On Thu, May 3, 2012 at 9:40 AM, Mark Felder f...@feld.me wrote: On Wed, 02 May 2012 17:45:27 -0500, Matt Dawson m...@chronos.org.uk wrote: IE might be the only client with support for those protocols right now but somebody has to lead the way on the server side or you end up with a mutual

Re: OpenSSL and Heimdal

2012-05-03 Thread Mark Felder
On Thu, 03 May 2012 10:21:24 -0500, Robert Simmons rsimmo...@gmail.com wrote: TLS 1.1: https://bugzilla.mozilla.org/show_bug.cgi?id=565047 TLS 1.2: https://bugzilla.mozilla.org/show_bug.cgi?id=480514 Cool, thanks for the followup!

Re: OpenSSL and Heimdal

2012-05-03 Thread Robert Simmons
On Thu, May 3, 2012 at 12:24 PM, Mark Felder f...@feld.me wrote: On Thu, 03 May 2012 10:21:24 -0500, Robert Simmons rsimmo...@gmail.com wrote: TLS 1.1: https://bugzilla.mozilla.org/show_bug.cgi?id=565047 TLS 1.2: https://bugzilla.mozilla.org/show_bug.cgi?id=480514 Cool, thanks for the

Re: OpenSSL and Heimdal

2012-05-02 Thread Volodymyr Kostyrko
Robert Simmons wrote: Is there a plan to update OpenSSL to patch for CVE-2012-2131? Also, is the DoS vulnerability in libkrb5 that Heimdal 1.5.2 patches present in Heimdal 1.1 which shipped with 9.0-RELEASE? I'll second this one. 1. Are there any plans on updating OpenSSL and why not? It's

Re: OpenSSL and Heimdal

2012-05-02 Thread Mark Felder
On Wed, 02 May 2012 16:01:49 -0500, Matt Dawson m...@chronos.org.uk wrote: mod_gnutls in ports. Setup is simple for Apache. Prefer the RC4 cipher which secures SSLv3 against BEAST. This setup on my own HTTPS servers passes Qualys' own tests with an A rating of 87 and tells me BEAST is

Re: OpenSSL and Heimdal

2012-05-02 Thread Matt Dawson
On Wednesday 02 May 2012 23:14:41 Mark Felder wrote: Why go out of your way and use mod_gnutls? Because it supports TLSv1.[1|2], which was the PP's question, whereas OpenSSL doesn't and doesn't show any signs of doing so in the near future:

Re: OpenSSL and Heimdal

2012-05-02 Thread Gary Palmer
On Wed, May 02, 2012 at 11:45:27PM +0100, Matt Dawson wrote: On Wednesday 02 May 2012 23:14:41 Mark Felder wrote: Why go out of your way and use mod_gnutls? Because it supports TLSv1.[1|2], which was the PP's question, whereas OpenSSL doesn't and doesn't show any signs of doing so in the

Re: OpenSSL and Heimdal

2012-05-02 Thread Robert Simmons
On Wed, May 2, 2012 at 7:27 PM, Gary Palmer gpal...@freebsd.org wrote: On Wed, May 02, 2012 at 11:45:27PM +0100, Matt Dawson wrote: On Wednesday 02 May 2012 23:14:41 Mark Felder wrote: Why go out of your way and use mod_gnutls? Because it supports TLSv1.[1|2], which was the PP's question,

OpenSSL and Heimdal

2012-04-28 Thread Robert Simmons
Is there a plan to update OpenSSL to patch for CVE-2012-2131? Also, is the DoS vulnerability in libkrb5 that Heimdal 1.5.2 patches present in Heimdal 1.1 which shipped with 9.0-RELEASE?
freebsd-security@freebsd.org mailing list