[Haskell-cafe] heads-up: tls v2.0.0
Jo Durchholz
jo at durchholz.org
Fri Jan 19 07:19:06 UTC 2024
On 19.01.24 02:51, Viktor Dukhovni wrote:
> I'd very much prefer that support for TLS 1.0/1.1 not be removed. Any
> chance you could find some way to explicitly keep these protocol
> versions enabled?
Could you switch to unencrypted connections?
As far as my current knowledge goes, 1.x TLS isn't significantly safer
than unencrypted anyway.
Your other option would be to stick with the older tls library.
If your code is again library code for consumption in other people's
projects, you should consider retracting it, as it is (and in fact has
been) undermining communication security for years.
Regards,
Jo
More information about the Haskell-Cafe
mailing list