mån 2011-01-24 klockan 17:28 +0100 skrev Ralf Hildebrandt:
> > Making SSLv3-only or TLSv1-only the default from Squid-3.2 onwards.
>
> Yes please
Please note that this change will only impact some specific
configurations and not normal proxying:
* sslbump
* cache_peer using ssl option. Mostly (only?) used in reverse
proxy setups.
* URL rewrites (not redirects) from http to https. Not sure anyone
uses this.
* http->https gatewaying for clients not natively supporting
https. This mode is pretty much obsolete by now, when even the
simplest clients supports https today.
In normal proxying it's the browsers SSL policy that defines which SSL
protocol version it will use in it's initial SSL handshake message.
Regards
Henrik
Received on Mon Jan 24 2011 - 19:55:02 MST
This archive was generated by hypermail 2.2.0 : Tue Jan 25 2011 - 12:00:05 MST