| Cool VL Viewer forum http://sldev.free.fr/forum/ |
|
| TLS 1.2 ? http://sldev.free.fr/forum/viewtopic.php?f=5&t=1603 |
Page 1 of 1 |
| Author: | Lord [ 2016-03-20 04:17:18 ] |
| Post subject: | TLS 1.2 ? |
Does the Cool VL Viewer include this TLS 1.2 thing that LL says will be needed for transactions ? |
|
| Author: | Henri Beauchamp [ 2016-03-20 07:54:56 ] |
| Post subject: | Re: TLS 1.2 ? |
The Cool VL Viewer is using LL's latest sources for the precompiled OpenSSL and libcurl libraries. It also got the CURLOPT_SSL_VERIFYPEER and CURLOPT_SSL_VERIFYHOST support for XMLRPC transactions (just make sure that the NoVerifySSLCert debug variable is set to FALSE, which is the default value). I'm not sure what exactly LL's TLS v1.2 ruckus is all about (and can't know if things will break till they will actually implement the server changes), but I'm not too worried about an incompatibility issue; my guess is that they want to warn about some old TPV releases that implemented "fixes" (more like kludges, disabling TLS v1.2) for early TLS issues or were using old OpenSSL and libcurl libraries without TLS v1.2 support. |
|
| Author: | kathrine [ 2016-04-17 14:49:10 ] |
| Post subject: | Re: TLS 1.2 ? |
Maybe they just noticed that TLS 1.0 is considered somewhat broken by todays standard. (e.g. openssl 0.98 doesn't provide a single cipher suit that is considered safe for TLS 1.0 anymore). This might be triggered by a move by PCI-DSS (the council setting standards for credit card stuff), which demands it: http://blog.pcisecuritystandards.org/mi ... -early-tls |
|
| Page 1 of 1 | All times are UTC |
| Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/ |
|