httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Noel Butler <noel.but...@ausics.net>
Subject Re: SSL/TLS best current practice
Date Mon, 11 May 2015 00:39:29 GMT
 

Thanks Christian. 

On 11/05/2015 01:57, Christian Seiler wrote: 

> On 05/10/2015 03:26 AM, Noel Butler wrote: 
> 
>> Can any SUSE and debian users confirm the current supported stable
>> release supports 1.2?
> 
> Currently, three Debian releases are still supported:
> 
> - Debian Jessie (current stable)
> * released 2015-04
> - main support will end 2018-05
> - possibly LTS until 2020-04
> * ships Apache 2.4.10
> * ships OpenSSL 1.0.1k + patches
> * supports TLS v1.2 chipers
> 
> - Debian Wheezy ("oldstable")
> * release 2013-05
> - main support will end 2016-02
> - probably LTS until 2018-05
> * ships Apache 2.2.22 + patches
> * ships OpenSSL 1.0.1e + patches
> * supports TLS v1.2 chipers
> 
> - Debian Squeeze ("oldoldstable")
> * release 2011-02
> * only x86 architectures still supported ("long term support", LTS)
> and there not all packages (but Apache and OpenSSL still are)
> - LTS will end 2016-02
> * ships Apache 2.2.16 + patches
> * ships OpenSSL 0.9.8o + patches
> * only supports SSLv3 chipers (esp. no SHA2 family hashes)
> 
> Note that Debian Jessie's Apache default configuration already comes with:
> 
> SSLCipherSuite HIGH:!aNULL
> SSLProtocol all -SSLv3
> 
> Christian

 
Mime
View raw message