[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sks-devel] TLS 1.3 and HKPS pool
|
From: |
Kristian Fiskerstrand |
|
Subject: |
Re: [Sks-devel] TLS 1.3 and HKPS pool |
|
Date: |
Mon, 19 Mar 2018 22:14:00 +0100 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.6.0 |
On 03/19/2018 10:08 PM, Phil Pennock wrote:
> Do we care?
I'm tempted to say no.. if there is a breakage that needs to be fixed
anyhow, and for most users on LTS branches of distros it will take a
while for the libraries that use tls 1.3 to begin with will be
distributed. If a client experience issues on it they can disable it,
although it might be worthwhile to file a RFE for gnupg's dirmngr if we
encounter such issues for it to add a tls version flag; doesn't it make
more sense for the client to specify version than to try to control it
server-side (and monitoring it)
Now.. if anyone were to actually disable everything but 1.3, that'd be
exclusion worthy from the pool, but lets do this manually if so.
--
----------------------------
Kristian Fiskerstrand
Blog: https://blog.sumptuouscapital.com
Twitter: @krifisk
----------------------------
Public OpenPGP keyblock at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
----------------------------
Veni, vidi, vacatum
I came , I saw, I left
signature.asc
Description: OpenPGP digital signature