[tech] [spec] TLS statistics

Sean Conner sean at conman.org
Wed Dec 30 23:18:31 GMT 2020

Previous message (by thread): [tech] [spec] TLS statistics
Next message (by thread): [tech] [spec] TLS statistics
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

It was thus said that the Great colecmac at protonmail.com once stated:
> > * 40 support TLSv1.1
> > * 39 support TLSv1.0
> 
> This was the most surprising/concerning part to me. These servers are
> breaking the spec, and my understanding is that TLS 1.0 is considered
> insecure by experts. I'm less sure about how insecure 1.1 is, but I know
> that it's deprecated in all main browsers by now.
> 
> Do you have any idea what server software is allowing this? Maybe you can
> look at the capsules, as some will say what software they use. That way
> someone can file a bug or submit a patch/PR.

  The server software and the TLS library would be nice.  My own server,
<gemini://gemini.conman.org/> is running GLV-1.12556, written in Lua, and
using LibreSSL (specifically because it comes with libtls, a sane TLS
wrapper around the rest of LibreSSL).  It could very well be a limitation of
the TLS library itself.

  -spc

Previous message (by thread): [tech] [spec] TLS statistics
Next message (by thread): [tech] [spec] TLS statistics
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Gemini mailing list