Opened 4 years ago
Closed 3 years ago
#16350 closed task (fixed)
Disable TLS 1.0/1.1 on dev.haiku-os.org
| Reported by: | Coldfirex | Owned by: | nielx |
|---|---|---|---|
| Priority: | normal | Milestone: | |
| Component: | Website/Trac | Version: | |
| Keywords: | Cc: | ||
| Blocked By: | Blocking: | ||
| Platform: | All |
Description
Per best security practices we should look into disabling TLS 1.0 and 1.1 on dev.haiku-os.org. It is already disabled on the main website.
Change History (8)
comment:1 by , 4 years ago
comment:2 by , 4 years ago
Because it has known security issues, the security community has been advising everyone to disable it for years, and all web browsers are planning on dropping support for it.
comment:4 by , 4 years ago
No, but if the main website pulls up under Haiku then it is supported (it is TLS 1.2+ only).
comment:5 by , 3 years ago
Think we could shoot for this after we get Beta 3 out? I cant make the changes but I am familiar with performing this on different OSs and web servers if assistance is required.
comment:6 by , 3 years ago
| Status: | new → in-progress |
|---|
PR sent in: https://github.com/haiku/infrastructure/pull/65
comment:7 by , 3 years ago
Replying to nielx:
Have you checked Haiku's support for TLS 1.2 and up?
Haiku does not support TLS 1.0, only 1.1 and up
We should support 1.2 fine afaik.
(I was under the impression 1.1 was disabled too, but apparently not :)
https://git.haiku-os.org/haiku/tree/src/kits/network/libnetapi/SecureSocket.cpp#n354
comment:8 by , 3 years ago
| Milestone: | Unscheduled |
|---|---|
| Resolution: | → fixed |
| Status: | in-progress → closed |
Could you make the case for this?