[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: FTP->HTTPS; maybe HTTP->HTTPS for Gnulib?
|
From: |
Bruno Haible |
|
Subject: |
Re: FTP->HTTPS; maybe HTTP->HTTPS for Gnulib? |
|
Date: |
Thu, 14 Sep 2017 02:08:26 +0200 |
|
User-agent: |
KMail/5.1.3 (Linux/4.4.0-93-generic; KDE/5.18.0; x86_64; ; ) |
Paul Eggert wrote:
> When it doesn't work, it's because I use Firefox configured
> with security.tls.version.min set to 2, which means to use TLS 1.1 or
> later,
Well, that's a non-default configuration of Firefox :-)
> and whatever lists.gnu.org clone I happen to contact is
> old-fashioned and supports TLS 1.0 at best.
Indeed, the SSL report of ssllabs.com for lists.gnu.org (208.118.235.17)
says that the server supports only TLS 1.0.
> No big deal; I wouldn't change the URLs back to HTTP as I expect the
> matter will be fixed sooner or later.
Even if it doesn't get fixed soon: I think it is better if people access
a server over HTTPS with TLS 1.0, rather than with HTTP and no encryption
at all. Even if ssllabs.com explains [1] that "TLS 1.0 is insecure".
Bruno
[1]
https://blog.qualys.com/ssllabs/2015/05/22/ssl-labs-increased-penalty-when-tls-12-is-not-supported
- FTP->HTTPS; maybe HTTP->HTTPS for Gnulib?, Paul Eggert, 2017/09/12
- Re: FTP->HTTPS; maybe HTTP->HTTPS for Gnulib?, Jim Meyering, 2017/09/12
- Re: FTP->HTTPS; maybe HTTP->HTTPS for Gnulib?, Bruno Haible, 2017/09/12
- Re: FTP->HTTPS; maybe HTTP->HTTPS for Gnulib?, Tim Rühsen, 2017/09/13
- Re: FTP->HTTPS; maybe HTTP->HTTPS for Gnulib?, Paul Eggert, 2017/09/13
- Re: FTP->HTTPS; maybe HTTP->HTTPS for Gnulib?, Bruno Haible, 2017/09/13
- Re: FTP->HTTPS; maybe HTTP->HTTPS for Gnulib?, Paul Eggert, 2017/09/13
- Re: FTP->HTTPS; maybe HTTP->HTTPS for Gnulib?,
Bruno Haible <=
- Re: FTP->HTTPS; maybe HTTP->HTTPS for Gnulib?, Paul.Koning, 2017/09/14
- Re: FTP->HTTPS; maybe HTTP->HTTPS for Gnulib?, Bruno Haible, 2017/09/14