[Pkg-nginx-maintainers] Bug#982745: nginx-common: don't enable TLSv1 or TLSv1.1 in default configuration
Chris Hofstaedtler
zeha at debian.org
Fri Apr 23 22:24:26 BST 2021
* didi.debian at cknow.org <didi.debian at cknow.org> [210423 21:23]:
> TLSv1.2 was defined in 2008, so I don't think it's to 'wild' to use that
> as a default for security in the default configuration of nginx for Bullseye.
You seem to neglect to mention that SSL/TLS is disabled in the
default configuration. I agree that suggesting better defaults would
be preferable, but this is hardly an nginx-only problem, or would
it make nginx unusable.
Chris
More information about the Pkg-nginx-maintainers
mailing list