[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: FTP->HTTPS; maybe HTTP->HTTPS for Gnulib?

From: Bruno Haible
Subject: Re: FTP->HTTPS; maybe HTTP->HTTPS for Gnulib?
Date: Thu, 14 Sep 2017 02:08:26 +0200
User-agent: KMail/5.1.3 (Linux/4.4.0-93-generic; KDE/5.18.0; x86_64; ; )

Paul Eggert wrote:
> When it doesn't work, it's because I use Firefox configured 
> with security.tls.version.min set to 2, which means to use TLS 1.1 or 
> later,

Well, that's a non-default configuration of Firefox :-)

> and whatever lists.gnu.org clone I happen to contact is 
> old-fashioned and supports TLS 1.0 at best.

Indeed, the SSL report of ssllabs.com for lists.gnu.org (
says that the server supports only TLS 1.0.

> No big deal; I wouldn't change the URLs back to HTTP as I expect the 
> matter will be fixed sooner or later.

Even if it doesn't get fixed soon: I think it is better if people access
a server over HTTPS with TLS 1.0, rather than with HTTP and no encryption
at all. Even if ssllabs.com explains [1] that "TLS 1.0 is insecure".



reply via email to

[Prev in Thread] Current Thread [Next in Thread]