Revisiting Issue #359 - Allow OpenSSL options to be specified

2015-07-27 Thread Seth
Copying my comment on this ticket[1] to the list for discussion --- I would like to re-open discussion on this issue for a different use case: In light of more vulnerabilities discovered in the TLSv1.0 protocol since Dec 2013, I no longer feel it provides acceptable security and would like

Re: Revisiting Issue #359 - Allow OpenSSL options to be specified

2015-07-27 Thread Seth
On Mon, 27 Jul 2015 12:53:19 -0700, Török Edwin ed...@etorok.net wrote: Would this be for incoming or outgoing connections? It's the incoming that I'm primarily concerned with, but that's a good point to raise. Should the setting effect both directions or be applied independently? For

Re: SSL/TLS

2015-07-27 Thread Seth
On Mon, 27 Jul 2015 19:40:39 -0700, SSL tuy...@aoiyuma.mydns.jp wrote: i am afraid of being attacked . so i want to limit PCs in japan only (if japanese PC is hacked , this setting in not safe ) . It would probably be more appropriate and effective to use a firewall such as OpenBSD's pf to