Hello, since TLS 1.3 PSK is incompatible with TLS 1.2, is there an
update patch for recent haproxy to work with TLS 1.3?
On Mon, Jan 9, 2017 at 8:07 AM, Nenad Merdanovic wrote:
> Hello,
>
> On 1/5/2017 4:47 PM, Emeric Brun wrote:
>> On 01/05/2017 04:22 AM, Nenad Merdanovic wrote:
>>> I have a wor
On Thu, Apr 20, 2017 at 07:27:47PM +0200, Nenad Merdanovic wrote:
> Gil,
>
> On 04/05/2017 10:02 AM, Gil Bahat wrote:
> > Hey Nenad,
> >
> > did anything come out of this? interestingly enough, some compliance
> > challenges I was facing brought this to mind again.
>
> Sadly I didn't have any ti
Gil,
On 04/05/2017 10:02 AM, Gil Bahat wrote:
> Hey Nenad,
>
> did anything come out of this? interestingly enough, some compliance
> challenges I was facing brought this to mind again.
Sadly I didn't have any time to work on this. I did check a bit and
found the maps interface somewhat counter-
Hey Nenad,
did anything come out of this? interestingly enough, some compliance
challenges I was facing brought this to mind again.
Regards,
Gil
On Thu, Jan 5, 2017 at 5:22 AM, Nenad Merdanovic
wrote:
> I have a working patch for this, but it's very ugly currently (minimal
> error checking, n
Tested and it works! Could we expect a rtt reduce?
On Mon, Jan 9, 2017 at 8:07 AM, Nenad Merdanovic wrote:
> Hello,
>
> On 1/5/2017 4:47 PM, Emeric Brun wrote:
>> On 01/05/2017 04:22 AM, Nenad Merdanovic wrote:
>>> I have a working patch for this, but it's very ugly currently (minimal
>>> error c
Hello,
On 1/5/2017 4:47 PM, Emeric Brun wrote:
> On 01/05/2017 04:22 AM, Nenad Merdanovic wrote:
>> I have a working patch for this, but it's very ugly currently (minimal
>> error checking, no warnings/messages, no docs, very basic tests done
>> only, etc.)
>>
>> I expect to have a version for rev
On 01/05/2017 04:22 AM, Nenad Merdanovic wrote:
> I have a working patch for this, but it's very ugly currently (minimal
> error checking, no warnings/messages, no docs, very basic tests done
> only, etc.)
>
> I expect to have a version for review by EOW (depending on the workload,
> maybe a bit s
I have a working patch for this, but it's very ugly currently (minimal
error checking, no warnings/messages, no docs, very basic tests done
only, etc.)
I expect to have a version for review by EOW (depending on the workload,
maybe a bit sooner).
Regards,
Nenad
On 1/2/2017 10:11 AM, Gil Bahat wro
yes, stunnel was my original inspiration for this request, I wanted HAproxy
to communicate with stunnel-backed services. actually, stunnel implements
both PSK server and PSK client and it would make sense for HAproxy to have
both. TLS 1.3 also appears to significantly improve PSK with combinations
Stunnel supports it, https://www.stunnel.org/auth.html, quite simple.
On Sun, Jan 1, 2017 at 4:34 PM, Willy Tarreau wrote:
> On Sun, Jan 01, 2017 at 01:16:37AM +0800, Igor Pav wrote:
>> Sounds good for SSL backend, is this possible?
>
> Indeed that sounds interesting for such use cases. I have no
On Sun, Jan 01, 2017 at 01:16:37AM +0800, Igor Pav wrote:
> Sounds good for SSL backend, is this possible?
Indeed that sounds interesting for such use cases. I have no idea what it
requires to set it up nor what needs to be configurable. Does anyone have
any pointer to any product supporting it ?
Sounds good for SSL backend, is this possible?
On Sun, Oct 25, 2015 at 12:22 PM, Gil Bahat wrote:
> Hi,
>
> I was wondering if HAProxy can do TLS-PSK. this cipher setting is
> advantageous in several scenarios, in particular with low-end clients or
> with stunnel backends. However, since I could
Hi,
I was wondering if HAProxy can do TLS-PSK. this cipher setting is
advantageous in several scenarios, in particular with low-end clients or
with stunnel backends. However, since I could not find any configuration
option that denotes the preshared key, I would assume that this is not
supported b
13 matches
Mail list logo
