19 Jan
2024
19 Jan
'24
2:19 a.m.
On 19.01.24 02:51, Viktor Dukhovni wrote:
I'd very much prefer that support for TLS 1.0/1.1 not be removed. Any chance you could find some way to explicitly keep these protocol versions enabled?
Could you switch to unencrypted connections? As far as my current knowledge goes, 1.x TLS isn't significantly safer than unencrypted anyway. Your other option would be to stick with the older tls library. If your code is again library code for consumption in other people's projects, you should consider retracting it, as it is (and in fact has been) undermining communication security for years. Regards, Jo