#
1.6 |
|
29-Oct-2023 |
kn |
Unmention/don't explain SSL, drop 9y old "ssl" keyword/deprecation warning
Switch "ssl" to "tls" in relayd.conf(5) if you haven't done so in the last ten years, "ssl" is now an error.
Say "TLS" not "SSL/TLS" and drop the primer in the TLS RELAYS section.
OK benno
|
Revision tags: OPENBSD_6_4_BASE OPENBSD_6_5_BASE OPENBSD_6_6_BASE OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE OPENBSD_7_1_BASE OPENBSD_7_2_BASE OPENBSD_7_3_BASE OPENBSD_7_4_BASE
|
#
1.5 |
|
06-May-2018 |
benno |
don't put options in here that should not be needed in the majority of cases and will just be copied by users without thinking. ok claudio@
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.4 |
|
23-Mar-2018 |
claudio |
Since a while relayd switched from the TLS session cache to using only TLS session tickets instead. Adjust example relayd.conf file. From Matt Schwartz, reminded by jmc@ OK deraadt@
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE OPENBSD_5_9_BASE OPENBSD_6_0_BASE OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.3 |
|
12-Dec-2014 |
reyk |
Change the keyword "ssl" to "tls" to reflect reality since we effectively disabled support for the SSL protocols. SSL remains a common term describing SSL/TLS, there is some controvery about this change, and the name really doesn't matter, but I feel confident about it now.
(btw., sthen@ pointed out some historical context: http://tim.dierks.org/2014/05/security-standards-and-name-changes-in.html)
OK benno@, with input from tedu@
|
#
1.2 |
|
21-Oct-2014 |
lteo |
Remove SSLv2 and SSLv3 references from the example relayd.conf and the relevant example snippet in the relayd.conf(5) man page.
Change the default SSL protocols in the example file/man page to "no tlsv1.0" (suggested by sthen@), which will enable the TLSv1.1 and TLSv1.2 protocols only.
feedback/ok jsing@ reyk@ sthen@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.1 |
|
11-Jul-2014 |
deraadt |
Move more files into the examples directory...
|
#
1.5 |
|
06-May-2018 |
benno |
don't put options in here that should not be needed in the majority of cases and will just be copied by users without thinking. ok claudio@
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.4 |
|
23-Mar-2018 |
claudio |
Since a while relayd switched from the TLS session cache to using only TLS session tickets instead. Adjust example relayd.conf file. From Matt Schwartz, reminded by jmc@ OK deraadt@
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE OPENBSD_5_9_BASE OPENBSD_6_0_BASE OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.3 |
|
12-Dec-2014 |
reyk |
Change the keyword "ssl" to "tls" to reflect reality since we effectively disabled support for the SSL protocols. SSL remains a common term describing SSL/TLS, there is some controvery about this change, and the name really doesn't matter, but I feel confident about it now.
(btw., sthen@ pointed out some historical context: http://tim.dierks.org/2014/05/security-standards-and-name-changes-in.html)
OK benno@, with input from tedu@
|
#
1.2 |
|
21-Oct-2014 |
lteo |
Remove SSLv2 and SSLv3 references from the example relayd.conf and the relevant example snippet in the relayd.conf(5) man page.
Change the default SSL protocols in the example file/man page to "no tlsv1.0" (suggested by sthen@), which will enable the TLSv1.1 and TLSv1.2 protocols only.
feedback/ok jsing@ reyk@ sthen@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.1 |
|
11-Jul-2014 |
deraadt |
Move more files into the examples directory...
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.4 |
|
23-Mar-2018 |
claudio |
Since a while relayd switched from the TLS session cache to using only TLS session tickets instead. Adjust example relayd.conf file. From Matt Schwartz, reminded by jmc@ OK deraadt@
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE OPENBSD_5_9_BASE OPENBSD_6_0_BASE OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.3 |
|
12-Dec-2014 |
reyk |
Change the keyword "ssl" to "tls" to reflect reality since we effectively disabled support for the SSL protocols. SSL remains a common term describing SSL/TLS, there is some controvery about this change, and the name really doesn't matter, but I feel confident about it now.
(btw., sthen@ pointed out some historical context: http://tim.dierks.org/2014/05/security-standards-and-name-changes-in.html)
OK benno@, with input from tedu@
|
#
1.2 |
|
21-Oct-2014 |
lteo |
Remove SSLv2 and SSLv3 references from the example relayd.conf and the relevant example snippet in the relayd.conf(5) man page.
Change the default SSL protocols in the example file/man page to "no tlsv1.0" (suggested by sthen@), which will enable the TLSv1.1 and TLSv1.2 protocols only.
feedback/ok jsing@ reyk@ sthen@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.1 |
|
11-Jul-2014 |
deraadt |
Move more files into the examples directory...
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE OPENBSD_5_9_BASE OPENBSD_6_0_BASE OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.3 |
|
12-Dec-2014 |
reyk |
Change the keyword "ssl" to "tls" to reflect reality since we effectively disabled support for the SSL protocols. SSL remains a common term describing SSL/TLS, there is some controvery about this change, and the name really doesn't matter, but I feel confident about it now.
(btw., sthen@ pointed out some historical context: http://tim.dierks.org/2014/05/security-standards-and-name-changes-in.html)
OK benno@, with input from tedu@
|
#
1.2 |
|
21-Oct-2014 |
lteo |
Remove SSLv2 and SSLv3 references from the example relayd.conf and the relevant example snippet in the relayd.conf(5) man page.
Change the default SSL protocols in the example file/man page to "no tlsv1.0" (suggested by sthen@), which will enable the TLSv1.1 and TLSv1.2 protocols only.
feedback/ok jsing@ reyk@ sthen@
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.1 |
|
11-Jul-2014 |
deraadt |
Move more files into the examples directory...
|