[Pkg-openssl-devel] Bug#911389: Bug#911389: libssl1.1: loss of WLAN connectivity after upgrading; it's not the library's job to disable TLSv1.0

[Thorsten Glaser]

Ondřej Surý dixit:

>Your initial bug report was inappropriate.

No, it was not.

>It is _absolutely_ job of the security library to set the system-wide
>security policies.

It is absolutely *not* the job of the SSL *library* to *incompatibly*
change the behaviour of *all* applications depending on it, even those
that don’t have as high security requirements as javascript-HTTP combo,
especially when those *other* programs don’t even expose the knobs to
change the settings but the high security requirement ones *do*.

>The Radius server in question needs to be fixed, not the OpenSSL options.

Did you even understand a single thing I wrote?

That particular RADIUS server might eventually be fixed,
but one at a customer’s site would have caused massive issues.

So go back and read my initial mail. Now.