directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Emmanuel Lécharny <>
Subject Re: StartTLS enforced
Date Thu, 25 Feb 2016 17:59:15 GMT
Le 25/02/16 18:25, Ogg a écrit :
> sure, i was aware of this feature, however it would be nice to see a roadmap to have
those insecure versions actually removed from apacheDS, eg promote better security choices
by not offering obviously broken protocols. 

It would be good if they were banned from any of the existing
applications ;-)

Sadly, many people are still using them... Consider that Microsoft IE 11
is still accepting SSL 3.0 if you enable it (FF removed support for SSL
3 in June 2015 and Chrome in April 2015). TLS 1.0 is still enabled on
all the browsers.

View raw message